Do you remember a cyber security firm, Give 3D Touch To Android Phone Like iPhone 6s By Hacking Its Barometer around the world. That the company will pay One million U.S. dollars bounty to hackers for remotely jailbreaking iOS 9. And now we have a winner, someone just found an iOS zero-day vulnerability that could allow an attacker to remotely hack your iPhone running the latest version of iOS, i.e. iOS 9.
The hack came about as part of a challenge started in September by bug bounty startup Zeriodium, that was expired on October 31. The rules of the contest needed the hackers to exploit the iOS device using an attack via a web page on Safari or Chrome browser or In-app browsing action or text message or MMS.
It wasn’t an easy challenge. In mid-October Chaouki Bekrar, founder of Zerodium, reported to Motherboard that two hackers team were contacted the company but they both got stuck and were unable to proceed ahead. Eventually, however, one of the teams found a way. Bekrar explained that the winning team found a “number of vulnerabilities” in Chrome and iOS to bypass “almost all mitigations” and achieve “a remote and full browser-based (untethered) jailbreak.” There have been no official details released regarding the successful remote jailbreak, but as Motherboard points out, this would be the first jailbreak of its kind since iOS 7.
— Zerodium (@Zerodium) November 2, 2015
Bekrar declined to identify the team that won the prize, as well as details about the exploits they found. He also declined to say how much he is planning to sell this exploit for.
But there’s no doubt that for some, this exploit is extremely valuable. Intelligence agencies such as the NSA and the CIA have run into problems when trying to hack into iPhones to spy on their targets, and the FBI has publicly complained about Apple’s encryption for months. This exploit would allow them to get around any security measures and get into the target’s iPhone to intercept calls, messages, and access data stored in the phone.