
The $1 million bounty for hacking iOS 9 has been claimed

Even the most difficult target can be cracked.

Remember when, in September, security startup Zerodium offered a $1 million bounty to the person who could create an “exclusive, browser-based, and untethered jailbreak for the latest Apple iOS 9”? Well, we have a winner.


On Monday, Zerodium announced that a group of hackers had successfully developed a technique, better known as a “jailbreak,” to break into any iPhone or iPad running iOS 9 by tricking the user into visiting a crafted website. The company agreed to pay the bounty for this zero-day hacking technique.

Two teams of hackers set out to claim the bounty, but only one was successful in developing a complete, working iOS attack.

“Two teams have been actively working on the challenge, but only one has made a full and remote jailbreak,” Zerodium’s founder Chaouki Bekrar wrote. “The other team made a partial jailbreak and they may qualify for a partial bounty (unconfirmed at this time).”

The challenge required finding a way to remotely jailbreak Apple’s latest iOS, allowing the attacker to install any app with full privileges. The initial exploit had to come through Safari, Chrome, or a text message. As Apple devices are considered extremely secure, this challenge was surely not a simple one. It essentially meant that a hacker needed to find a series, or chain, of zero-day bugs, not just one.

“Making the jailbreak remotely triggerable via Safari or Chrome requires at least two to three additional exploits compared to a local jailbreak,” Bekrar said. “The winning team submitted the exploits just a few hours before the expiration of the Zerodium bounty.”

The hackers found numerous vulnerabilities in Chrome and iOS, which they used to achieve a remote and full untethered jailbreak. Prior to this, no one had found a way (or at least not a publicly known one) to jailbreak an iPhone remotely since iOS 7, a gap of more than a year.

Bekrar said that the iOS exploit will likely be sold to U.S. customers only. “We planned initially to not release any information about the outcome of the bounty but we’ve decided to do it to inform the community about the security of iOS which is definitely very hardened, but not unbreakable,” he said.

The company’s founder has declined to release the names of the hackers.

Via Wired
