Zero Day exploit is a lot like spotting the Achilles heel which can bring the whole program down.
Washington DC-based Zerodium is willing to shred some serious bounty to hackers who can help find exploits on secure messaging platforms like WhatsApp and Signal. The firm, which specializes in zero-days exploit deals and vulnerability research, promises to give away $500,000 (approximately Rs 32 Crore) for tools that can remotely intrude user data on the two currently most secured messaging platform.
A zero-day vulnerability involves discovery of loop hole in a software that might have gone unnoticed by the vendor (in this case WhatsApp and Signal). This security loop hole is then exploited by hackers before the vendor finds out, and becomes inquisitive to fix it.
“While the majority of existing bug bounty programs accept almost any kind of vulnerabilities and [proof of concepts] but pay very low rewards, at ZERODIUM we focus on high-risk vulnerabilities with fully functional exploits, and we pay the highest rewards on the market,” the company website reads. It’s not WhatsApp and Signal that are on Zerodium’s radar. The company is willing to drop anything near to $1.5 million for such exploits in iOS, Android, Windows, and every other program that you can think off. ALSO READ: Here’s a closer look at WhatsApp end-to-end encryption and how it’s securing your messages
According to Mashable, the zero-day exploit company’s generous payout scheme is exactly what makes them mysterious. Zerodium claims to have customers from major corporations in defense, technology, and finance and even government organizations who need protection from zero-day vulnerability. The report also speculates that Zerodium’s unusual bounty for WhatsApp and Signal means that the user data of these two apps are highly sought after. WhatsApp and Signal users can breathe a sigh of relief till the time hackers come up with such a tool and deliver it to Zerodium.