Bug bounty hunters can earn up to $1.5 million from information security firm Zerodium for a successful security exploit of Apple's iOS 10. The American company is offering the reward money for finding original and unreported security vulnerabilities in major operating systems including iOS, Android, Windows, MacOS, and Linux. Brand new "zero-day" exploits including for iPhones and iPads will be reported to the company's clients that include large corporations and government groups.
Zerodium was founded in 2015. Its main business is finding zero-day vulnerabilities for its customers that include technology, defense, and finance businesses.
The Washington D.C.-based company is recompensing people different ranges of rewards for various platforms. Hackers can get up to $1.5 million for finding iOS vulnerabilities, $200,000 for Android (up from $100,000), and $30,000 for MacOS, Windows, and Linux.
Zerodium is also offering cash prizes for web browsers. Expert hackers who find vulnerabilities on Microsoft's Edge and Internet Explorer, or Google's Chrome can get pay-outs as high as $80,000 (up from $50,000).
Last year Zerodium made headline news when it offered $1 million for finding new iPhone and iPad vulnerabilities, according to PC Magazine. It later halved the bug bounty after it made three big payouts.
The company reported it has increased the reward amounts due to boosted security for iOS 10 and Android 7. Zerodium founder Chaouki Bekrar explained that the company wants to attract researchers throughout the whole year instead just during one bug bounty period, according to Tech Times.
The FAQ page of the data security company states that all acquisitions will be paid in full. It will be in one payment through a bank or wire transfer.
Zerodium shared it has paid out more than $65 million to get exploits and vulnerabilities during the past year. Its largest payouts were for the iOS and Android platforms.
The security company has received criticism in the past. It has often sold security exploits to the highest bidder instead of reporting them to OS developers and device makers.
Apple has also been offering bug bounties for hacks of iPhones and iPads. Last month the Silicon Valley company announced its exploit bounty program at the annual hacker conference Black Hat. The world's most valuable tech company is offering up to $200,000 for exploits discovered in iOS 10 released last month.
Google's Vulnerability Reward Program also paid out over $2 million in bug bounties last year. Microsoft and Facebook have had similar programs for several years.
Here are tips for avoiding smartphone hacks: