Here is the price list for iPhone hacking: How much hackers charge for zero-day iOS exploits
The market for zero-day exploits in the cybersecurity industry is experiencing significant growth, with prices on the rise for hacks that target widely-used devices and software. Crowdfense, a startup that focuses on acquiring and selling zero-day vulnerabilities, has released its latest pricing list, showing high prices for exploits that target iPhones, iMessage, and other popular technologies.
Pricing Revealed: Valuation of Zero-Day Hackers
Zero-day exploits, named for their reliance on undisclosed vulnerabilities unknown to software developers, rake in huge sums of money because they enable cover-up and espionage. Crowdfense’s price list shows that it pays between $5 million and $7 million for zero-days that can penetrate an iPhone, while Android exploits can fetch up to $5 million. Similarly, exploits targeting popular web browsers and messaging platforms bring in the most money, with Google Chrome and Safari vulnerabilities fetching $3 million and $3.5 million, respectively, and iMessage and WhatsApp hacking between $3 million and $5 million, reports techcrunch.
Rising prices: factors influencing the rise
These numbers represent a significant increase from Crowdfense’s previous pricing, reflecting the growing demand for advanced hacking tools. The rise in prices is due to tighter security measures by tech giants like Apple and Google, which have prompted hackers to seek out increasingly rare and elusive vulnerabilities.
Although Crowdfense’s profits are among the highest in the industry, other players, especially in Russia, offer even more lucrative prizes. Last year, a Russian company called Operation Zero announced plans to pay up to $20 million to exploit iPhones and Androids, although geopolitical tensions and sanctions could affect the availability of such deals.
Despite the lucrative payouts from third-party intermediaries, tech companies like Apple also offer their own bug bounty programs. For example, Apple’s Security Research Bounty program offers a reward of up to $2 million for critical security holes found in its products.
The rising prices of zero-day attacks highlight the evolving cybersecurity landscape, where the competition to find and exploit vulnerabilities is driven by both financial incentives and geopolitical interests. As technology advances, the need for effective cybersecurity measures and ethical hacking practices becomes increasingly important in protecting digital ecosystems from malicious actors.