iPhones are no longer hard to hack, exploit prices drop drastically


Zerodium announces it is no longer buying certain types of iOS exploits due to oversupply

The world’s top buyer of iOS exploits, Zerodium, has announced that it will stop buying certain types of iPhone exploits for now. Zerodium became famous among iOS hackers some 4 years ago, when it announced that it would pay hackers for iPhone cracks. Now it has announced on Twitter that it has stopped buying new Apple iOS Local Privilege Escalation, Safari Remote Code Execution, and sandbox escape exploits. Zerodium said that it already had a high number of pending submissions for these exploits, so it was deferring purchases for two to three months.

Zerodium also said that it expects Apple iPhone exploit prices to drop for one-click (via Safari browser) exploit chains without persistence. What Zerodium added would perplex many iPhone fanboys. It seems that iPhones are no longer as unhackable as they were perceived to be. The Zerodium CEO says that iOS security sucks and that only PAC and non-persistence were holding it together. He added that new exploits were emerging that bypass even these two.

With iOS exploit prices dropping so fast, many hackers are moving to find Android weaknesses.

iPhone – Apple’s unhackable smartphone a myth?

Over the years we have been made to believe that Apple iPhones are very hard to crack. Even the FBI had such problems hacking a felon’s smartphone that it had to move the High Court to order Apple to unlock the iPhone for them. But not anymore.

Zerodium had advertised that it was willing to pay up to $2 million for iOS exploit chains that achieve persistence and require no user interaction. Similar Android smartphone exploits sell for $2.5 million.

Over the years iOS security has deteriorated. A month back it was discovered that iOS 13, which powers iPhones, can be hacked through emails. This is despite Apple having a very successful bug bounty program that pays out $1 million for exploits that achieve persistence, bypass PAC and require no user interaction.

