Skip to main content

iOS9 is the target of the biggest bug bounty ever: $1 million

An enormous new challenge has been set for the information security community, what’s known as a “bug-bounty” — a cash reward in return for the discovery of vulnerabilities. For researchers, getting such prizes can be both lucrative and a point of pride. This week, the largest bug-bounty award ever in the amount of $1 million has set security researchers into a race to be the first. The target is iOS 9, and the challenge asks for a browser-based, untethered jailbreak of the operating system.

Previous bug programs have featured payout in the hundreds or even thousands of dollars, and in a handful of cases, on the order of a hundred thousand dollars. But a million bucks? That’ll buy a lot of 10-hour energy drinks.

Recommended Videos

The company behind the bounty is known as Zerodium. The startup presents itself as a zero-day vulnerability and exploit acquisition program, meaning that being on the cutting edge of vulnerabilities is critical to its business model. The company reports security information that it collects from independent researchers on to clients through a security-research news feed. This information includes analysis, documentation, and protective measures.

Bug bounties have emerged as a popular way to discover vulnerabilities throughout the security community. It’s a way to accelerate the discovery of security flaws before they emerge in the wild. Zerodium is prepared to pay out a total of up to $3 million in prizes for various exploits, according to contest details explained on the company’s webpage:

The Million Dollar iOS 9 Bug Bounty is tailored for experienced security researchers, reverse engineers, and jailbreak developers, and is an offer made by ZERODIUM to pay out a total of three million U.S. dollars ($3,000,000.00) in rewards for iOS exploits/jailbreaks.

There’s a catch however — a deadline of 6 p.m. on October 31, 2015 for this particular program. So crackers, get cracking.

There are numerous indicators that suggest the web engine known as Webkit will be a prime vector in the hunt for this bug; WebKit is the core rendering engine in Apple’s Safari web browser, after all. Google’s Chrome browser uses a forked version of the same rendering engine called Blink. Both Webkit and Blink have been the target of repeated research projects as it is a component that has produced a number vulnerabilities and has been a primary path to successful exploits.

Although this research is initially oriented at the enterprise, the discovery of any significant bugs will undoubtedly reach the greater community as fixes and updates emerge to address them. Just this week, news emerged about another threat to the Apple ecosystem in the form of malware-compromised apps that had to be taken offline.

John Casaretto
Former Digital Trends Contributor
John is the founder of the security company BlackCert, a provider of SSL digital certificates and encryption products. A…
New iPhone 17 Pro render keeps us guessing on the final design
Apple iPhone 17 Pro Render

Apple is to expected to announce the iPhone 17 series later this year, likely sometime in September if previous release patterns are anything to go by. By our calculations, that puts us around five months out, though math is not our strong point – we're writers here after all. 

What we do know however, is that in the upcoming months we are no doubt going to see more conflicting rumors about what we can expect from the iPhone 17 and iPhone 17 Pro models in terms of design. A few months back, it was suggested the iPhone 17 Pro models would feature a new camera bar across their rear, taking on a more Pixel-like approach. 

Read more
Moto’s Galaxy Z Flip 6 rival could offer better performance for less cash
Someone holding the Motorola Razr Plus 2024, showing the back of the phone.

91Mobile reports that Motorola’s upcoming foldable phone, the Razr 60 Ultra, could be a powerhouse. The new phone is expected to be announced in just a few days.

As the site explains, the Razr 60 Ultra is expected to include the Qualcomm Snapdragon 8 Elite chipset, which is also found in other 2025 flagships, including the OnePlus 13 and Samsung Galaxy S25 series.

Read more
Lenovo’s affordable notetaking tablet just dropped to $130
Someone holding the Lenovo Tab M11.

If you want a tablet that's capable of multi-tasking and operation in multiple windows, you don't actually need to buy an expensive tablet or one of the best 2-in-1 tablets. You can actually get everything you need with a Lenovo Tab M11, an affordable tablet that is normally just $180. That's a pretty good deal already, but it gets even better with this tablet deal — today you can get a Lenovo Tab M11 for just $130, a savings of $50. Learn more about the tablet below, or check out its store page and take advantage of this deal by tapping the button below.

Why you should buy the Lenovo Tab M11
The Lenovo Tab M11 has an 11-inch, 1920 x 1200 pixel screen that refreshes at 90Hz. It only has 4GB of RAM but still has the capabilities to use a split screen or multiple windows for multiple tasks at once. Or it can pass tasks to another (presumably more powerful) device via Bluetooth. It also has reading and document scan modes that make the Lenovo Tab M11 a perfect tablet for studying. This version of the tablet comes with 64GB of storage.

Read more