cross-posted from [email protected]
- Operation Zero, a Russian company, has increased its bounty for zero-day exploits on iPhones and Android devices from $200,000 to $20 million.
- The company sells these exploits exclusively to Russian private and government organizations, specifying that the end user is a non-NATO country.
- The high bounties may be temporary and are a reflection of market demand and the difficulty of hacking iOS and Android platforms.
- Unlike traditional bug bounty platforms, Operation Zero sells vulnerabilities to governments without alerting the affected vendors.
- The zero-day market is largely unregulated, but affected by geopolitics, such as new regulations in China that aim to corner the market for intelligence purposes.
I hope whomever claims the bounty also alerts the relevant platform. Perhaps they can get 2 bounties.
I doubt I’ll ever be in this position. But, I can assure you that double-crossing a Russian Mafia gang is not on my bucket list.
The trick is to make sure you’ve checked everything else off on your list before getting to that one