Zerodium, a company that pays up to $2 million for exploits on operating system Apple's iOS, reports that it is reducing its prices because the number of exploits targeting this platform has increased significantly recently.
In other words, the company is no longer willing to spend so much money on hacks on iOS because the system is no longer what it used to be and there are many security vulnerabilities.
"IOS security is fucked", said Chaouki Bekrar, CEO and founder of Zerodium.
Η Zerodium αναφέρει ότι ένας πιθανός λόγος για την αύξηση του αριθμού των exploits που στοχεύουν στο iOS θα μπορούσε να είναι ο μεγαλύτερος αριθμός των ερευνητών που αναζητούν σφάλματα ασφαλείας στο functional σύστημα της Apple, καθώς και τα jailbreaks make it possible to carefully inspect the code with reverse engineering.
As a result, the company states that it is no longer interested in specific types of iOS exploit.
“We do NOT want new Apple iOS LPE, Safari RCE, or sandbox escapes for the next 2 to 3 months due to the large number of submissions related to these vulnerabilities. Prices for iOS one-click chains (e.g. via Safari) are likely to drop in the near future,” Zerodium announced in Twitter.
“Only PAC and non-persistence still hold… but we see many exploits bypassing PAC and there are some persistence exploits (0days) that work with all iPhone/iPad. Hopefully iOS 14 will be better.”
Apple is expected to introduce the new iOS 14 in the fall, probably together with the new iPhone models. However, a preview of this updated versions of the operating system is expected to be announced and released at the WWDC conference, with an early beta version.
