Hack WhatsApp, get Rs 3 crore, says Zerodium

US-based security firm Zerodium which specialises in acquiring and reselling zero-day exploits has offered $500,000 (Rs 3 crore) for finding zero-day exploits in secure messaging platforms including WhatsApp, Signal and Telegram.

Must Read

Sumit Deb begins new journey as CMD of NMDC

Senior PSU leader Sumit Deb has assumed charge as Chairman-cum-Managing Director of NMDC Limited. He succeeds N. Baijendra Kumar.

Spearheading transformation towards sustainable future in times of Covid-19

Bringing the governments, businesses, academia, and communities together to spearhead the transformational and systematic effort towards a sustainable future is needed

Tata Communications gets local telecom license in Saudi Arabia

Under Type B telecom license, Tata Communications will be able to provide Internet Service Provider and related telecom services to enterprises in a defined capacity, along with local currency billing for end-customers

A US-based security firm Zerodium which specialises in acquiring and reselling has offered $500,000 (Rs 3 crore) for finding in secure messaging platforms including WhatsApp, and Telegram.

A zero-day exploit is a security flaw in a software that is unknown even to the vendor. This security flaw is exploited by black-hat before the vendor becomes aware and fixes it. Messengers like Whatsapp and Signal use end to end encryption and the payouts for exploiting these messengers proves that compromising these apps is no child’s play but as seen in the past, for the right price, even the most sophisticated can be hacked.

“ZERODIUM pays premium bounties and rewards to security researchers to acquire their original and previously unreported zero-day research affecting major operating systems, software, and devices. “While the majority of existing bug bounty programs accept almost any kind of vulnerabilities and [proof of concepts] but pay very low rewards, at ZERODIUM we focus on high-risk vulnerabilities with fully functional exploits, and we pay the highest rewards on the market.” said company on its website.

According to its website, ZERODIUM customers are major corporations in defense, technology, and finance, in need of advanced zero-day protection, as well as government organisations in need of specific and tailored cybersecurity capabilities.

“Surveillance agencies and governments are actively seeking and in some cases like UK, are demanding access to communication on encrypted messaging platforms with little luck. This $500,000 bounty does not come as a surprise. If anything it appears to be low,” said Ankush Johar, Director, BugsBounty.com.

“A Bug Bounty program is crowd sourcing of a defensive nature. This hunt for Zero-Days is offensive crowd sourcing of security vulnerabilities. Crowdsourced security is the ultimate solution for finding any possible security bug whether defensive or offensive, like in this case,” he added.

Telegram had offered $200,000 to any hacker that could break their encryption back in 2014. Whatsapp also runs a bugs bounty program, but the $500,000 zero-day bounty highlights the heightened market demand for such security exploits.”

“Right to has been declared a fundamental right in India and citizens globally are demanding greater privacy. This could drive the price upwards to $1.5 million, like in the case of iOS previously,” said Johar.

Subscribe to receive the day's headlines from Tech Observer straight in your inbox

Leave a Reply

*The moderation of comments is automated and not cleared manually by techobserver.in. Embedding of any link and use of abusive or unparliamentary language are prohibited.
- Advertisement -

Latest in TECH

Tata Communications gets local telecom license in Saudi Arabia

Under Type B telecom license, Tata Communications will be able to provide Internet Service Provider and related telecom services to enterprises in a defined capacity, along with local currency billing for end-customers
- Advertisement -SAP Hana

Related Articles