The targets were the new and highly secure iOS 9.1 and iOS 9.2b. Zerodium, the start-up that unveiled the contest, set the terms, which included jailbreaking an iPhone remotely through Safari, Chrome, or a text or multimedia message. The winning hacker should thus be able to successfully install any app on the target device with full privileges.
The start-up announced the contest on September 21, stating "ZERODIUM will pay out one million U.S. dollars ($1,000,000.00) to each individual or team who creates and submits to ZERODIUM an exclusive, browser-based, and untethered jailbreak for the latest Apple iOS 9 operating system and devices."
Jailbreaking an iPhone remotely is usually much harder than doing it manually, and hackers need to exploit a series of bugs to accomplish a jailbreak.
"Making the jailbreak remotely triggerable via Safari or Chrome requires at least two to three additional exploits compared to a local jailbreak," Chaouki Bekrar, founder of Zerodium, told Motherboard on Twitter.
The contest was on for months, but hours before the deadline expired, one of the competing hacker teams pressed the buzzer. This is what Zerodium tweeted yesterday:
Our iOS #0day bounty has expired & we have one winning team who made a remote browser-based iOS 9.1/9.2b #jailbreak (untethered). Congrats! — Zerodium (@Zerodium), November 2, 2015
Hacking iPhones is usually the ultimate prize for advanced hackers, yet very few of them achieve the feat. Apple's well-known secrecy as far as its software development is concerned contributes to the challenge.
Giant online enterprises like Facebook and Google offer generous money to well-meaning hackers to search for bugs and weaknesses in their software and thus stay ahead of the not-so-well-meaning ones. However, in this case, Apple won't get to see how the $1 million-winning team found their way into an iPhone remotely. Zerodium doesn't share such vulnerabilities with companies, but it doesn't refrain from doing so when it comes to government agencies like the FBI and the NSA.
Back in June, a team of six university researchers exposed several weaknesses in the cross-app resource sharing design and communication mechanisms of both the iOS and OS X platforms, which any hacker can exploit to bypass security checks in the App Store and steal passwords from installed apps.
The security flaw could expose sensitive information held inside the iOS and OS X ecosystems, such as iCloud tokens and passwords, mail app passwords, and passwords stored by Google Chrome.
The team constructed malicious apps and submitted them to Apple's App Store, where they cleared the automated verification process and were published in the iOS and Mac App Stores. These apps were weaponised enough to break through the keychain service that stored various credentials of Apple's in-house apps. Additional design flaws in Apple's cross-app resource sharing allowed these apps to even steal critical data from third-party apps like Facebook, WeChat and Evernote.