Developers find browser exploitable zero days in iOS

Spread the love

Developers have earned a $1 million bounty, converted around $910,000, by finding an iOS leak exploit that works through a browser. Apple is not allowed to know the details for now, because the security company that offered the bounty sells the info to governments and companies.

Security company Zerodium announced on Twitter that a team of developers has managed to show a jailbreak enabled by the leaks from a browser on iOS 9.1 and 9.2. The jailbreak was part of a competition that Zerodium held for developers. Another team managed to get a partial jailbreak and thus probably get a share of the bounty.

The jailbreak method will not be publicly available online. Zerodium’s revenue model is to sell information about vulnerabilities before companies have a chance to fix the vulnerabilities, according to Wired. Many hackers see this as unethical, because developers selling the vulnerabilities are helping to spy and hack with malicious intent.

Zerodium says it may tell Apple details about the vulnerabilities “later,” but will provide that information to its customers first. Who those customers are is unknown, but customers’ areas of activity are defense, technology and finance, the security company says.

For a jailbreak that works with a site prepared for that purpose, it is necessary to find a series of vulnerabilities in iOS that make it possible to gain and maintain remote access to the system and to be able to perform actions on it. Because the vulnerabilities are in the latest versions of iOS, that information is now valuable to businesses and governments looking to access iPhones remotely. It is then necessary that the person who wants to perform the jailbreak to persuade iOS users to go to a designated page in the browser. It is unknown whether the jailbreak works via Safari or Chrome.

A jailbreak via the browser has been done before. A developer created JailbreakMe for iOS 4, which allowed users to jailbreak through a website.

Update, 17:10:Clarifies that it is not a jailbreak usable for users, but a series of zero days.

You might also like
Exit mobile version