Zerodium, a company that pays for security information and exploit, awarded an anonymous team of hackers $1 million for hacking iOS 9.1. The competition called The Million Dollar iOS 9 Bug Bounty was announced in September. The fact that they had a winner was announced at the beginning of this month. Why would anyone pay $1 million to have a software hacked? Because they will sell the information to the highest bidder. Technology companies, finance institutions and defense corporations are apparently willing to pay a lot more in order to secure their backs.
The iOS 9.1 hack information will probably be sold to a US customer, according to Zerodium. The iOS 9.1 hack could help other companies to improve their own software. By having the iOS 9.1 hack information, other institutions and companies will be able to assess their own vulnerabilities and work their ways around them. Unfortunately, there is no guarantee that the customer that will get their hands on the iOS 9.1 hack information will use it only in scientific purposes. There is also a possibility that the information retrieved by Zerodium about the iOS 9.1 hack could get into the wrong hands. The customer could be a company interested in illegal surveillance for example. The iOS 9.1 hack is a serious problem that could affect a great number of users, depending on the hands the information gets in.
Although this seems to be on the verge of illegal activity it isn’t. The Bug Bounty competition that led to the iOS 9.1 hack was not illegal and neither is selling the obtained information to the highest bidder. So far it seems that Zerodium has no intention of selling the information directly to Apple. The iOS 9.1 hack was successful, so Apple should start to run its own checks in order to improve their operating system. Zerodium will probably let them know about the way the iOS 9.1 hack was pulled through, but they certainly won’t share this information before selling it to others first.
According to Zerodium there were two hacker teams that were in the competition to win the prize for the iOS 9.1 hack attack. This certainly means that the iOS 9.1 is not impenetrable nor perfect and should make Apple and other software developers for that matter pay more attention to their security.