Exploit acquisition firm, Crowdfense, is offering a total of $30 million for zero-day exploits targeting Android, iOS, Chrome, and Safari.
Founded in 2017, Crowdfense describes itself as a research hub and acquisition platform for high-quality zero-day exploits and advanced vulnerability research.
In 2019, the company announced an exploit acquisition program for Android and iOS zero-day vulnerabilities, offering payouts of up to $3 million for full-chain, previously unreported exploits.
This year, the firm has revealed significantly higher rewards as part of the program.
Crowdfense Bounties for Zero-Click Exploits
Crowdfense is now offering bounties of up to $9 million for zero-click full chain exploits deliverable via SMS or MMS messages.
Researchers able to deliver zero-click full chain exploits for Android may earn as much as $5 million, while those identifying similar zero-days in iOS could receive as much as $7 million for their findings.
Exploits Exploits leading to remote code execution and sandbox escape on iOS could earn researchers up to $3.5 million. The company is willing to pay between $2 million and $3 million for Chrome exploits leading to remote code execution and local privilege escalation, and $2.5 million to $3.5 million for similar exploits targeting Safari.
Crowdfense is also offering hundreds of thousands of dollars for less impactful sandbox escape exploits targeting Chrome and Safari.
Criteria for Payout Eligibility
According to the company, only fully functional, top-quality zero-day exploits will be evaluated as part of the program. “Payouts for full-chains or previously unreported, exclusive capabilities, range from USD 10,000 to USD 9 million per successful submission.
Also read: How Cloudflare uses lava lamps to strengthen website encryption
Partial chains will be evaluated on a case-by-case basis and priced proportionally,” Crowdfense announced.
Crowdfense is not the only firm looking to acquire Android and iOS exploits. Last year, Russian zero-day acquisition firm Operation Zero announced it was willing to pay up to $20 million for full exploit chains targeting the iOS and Android mobile platforms, claiming “high demand on the market”.
What is an Exploit Acquisition Program?
An exploit acquisition program is essentially a bug bounty program on steroids, targeting specific high-risk vulnerabilities and offering significant financial rewards.
Exploit acquisition programs typically involve researchers and hackers being paid to discover previously unknown vulnerabilities in software, operating systems, and internet-connected devices.
These zero-day exploits are then kept secret and stockpiled by the acquiring organization, rather than being reported to the software vendors so they can be patched.
Companies like Crowdfense claim to acquire these zero-days with the goal of re-selling them to other organizations, usually government agencies or government contractors, which claim they need the hacking tools to track or spy on criminals.
Outside of the public’s view, it’s possible that governments and companies are paying even higher prices for these zero-day exploits.
The prices in Russia, for example, may be inflated due to the war in Ukraine and subsequent sanctions, which could discourage or prevent people from dealing with a Russian company like Operation Zero.
