Zerodium, which had announced to pay $1 million USD to those that could provide a good iOS 9 jailbreak, finally made it public via twitter that some hackers have won $1 million by finding a remote jailbreak of an iPhone.
“Our iOS #0day bounty has expired & we have one winning team who made a remote browser-based iOS 9.1/9.2b #jailbreak (untethered). Congrats!,” Zerodium tweeted on November 2.
Last month, the company launched “The Million Dollar iOS 9 Bug Bounty” program which aimed to buy an “exclusive, browser-based, and untethered jailbreak” for Apple’s latest mobile operating system,
However, the company has not revealed the winner names or any further details.
A news published in Forbes Magazine, reported that the winners must have spent a significant amount of time trying to meet the tough requirements of the $1 million bounty: a remote attack that successfully took control of an iPhone via either Apple’s Safari browser, Google GOOGL +0.13% competitor Chrome or a text message. The $1 million bounty also required exploits work on the iPhone 6 or 6S, not any earlier models.
As per the news report, it had contacted the Zerodium’s founder, Chaouki Bekrar, however, he had not commented on it.
“The winning team has submitted the exploits just a few hours before the expiration of the Zerodium bounty as they have been working very hard to finish and polish the code until the last day. The exploit chain includes a number of vulnerabilities affecting both Google Chrome browser and iOS, and bypassing almost all mitigations in place. The exploit is still being extensively tested by Zerodium to understand each of the underlying vulnerabilities,” the founder added.