What you need to know
- A software exploit broker claims there are more iPhone hacks than ever right now.
- There are so many iPhone exploits that prices for the discovery of hacks has gone down.
- Android hacks are currently worth more.
There are currently so many iPhone exploits that black market prices are going down, according to a report from Motherboard. In fact, prices for iPhone exploits have dipped below prices for Android exploits because there are so many.
"The zero-day market is flooded by iOS exploits, mostly Safari and iMessage chains, mainly due to a lot of security researchers having turned their focus into full time iOs exploitation," said Zerodium founder Chaouki Bekrar.
Bekrar said there are so many iOS exploits right now that his company is starting to refuse some of them.
Today's news comes on the heels of a series of security flaws targeting the iPhone, including one that made Apple's device vulnerable when visiting certain websites. Apple also recently rolled out iOS 12.4.1 with security fixes.
While prices for iOS exploits have dipped, Android exploits are more coveted than ever, especially for a zero-day. A zero-day exploit is a bug or exploit that's unknown to the company that makes the software and hardware, Motherboard explained.
Zerodium said it will pay up to $2.5 million for an exploit that would allow someone to completely take over an Android phone without first requiring the device to click on a link. The same type of exploit for iOS is worth around $2 million, Zerodium said.
Before Zerodium dropped its bounty for iPhone zero-days, Apple raised prices of its bug bounty program. The company said it will pay up to $1 million to anyone who can hack an iPhone without first requiring the device to click on a link.