Just a few short months after security firm Zerodium offered a million-dollar bounty for a working exploit that could remotely jailbreak an iPhone or iPad running the latest version of iOS, a team of hackers may have found the answer and successfully claimed one of the $1 million prizes.
A tweet sent out on Monday from Zerodium congratulated one winning team, though it didn't identify the researchers, nor did it offer any further details of the exploit. However, it would appear that the team has submitted its results, and Zerodium has confirmed that the exploit "is still being extensively tested by Zerodium to verify and document each of the underlying vulnerabilities."
The challenge consisted of finding a way to remotely jailbreak a new iPhone or iPad running the latest version of Apple’s mobile operating system iOS (in this case iOS 9.1 and 9.2b), allowing the attacker to install any app he or she wants with full privileges. The initial exploit, according to the terms of the challenge, had to come through Safari, Chrome, or a text or multimedia message.
Zerodium founder Chaouki Bekrar explained to Motherboard that the winning team found a "number of vulnerabilities" in Chrome and iOS to bypass "almost all mitigations" and achieve "a remote and full browser-based (untethered) jailbreak."
If true, this would likely be the first such jailbreak since the days of iOS 7. Zerodium hasn’t revealed any details of the hack or provided any details of the team that is claiming the bounty, and isn’t likely to do so either. In the past, Zerodium has been known to be an exploit accumulation service, gaining the information from security teams and then selling that exploit for a profit to the highest bidder. These bidders are more often than not intelligence agencies like the NSA or FBI, who have often complained about how difficult it is to access an iPhone.
In this case, Bekrar says he expects to sell the new iOS hack to a U.S. customer and has no intention of informing Apple of the security vulnerabilities that are used or how the exploit works.