Misplaced Pages

Zerodium

Article snapshot taken from[REDACTED] with creative commons attribution-sharealike license. Give it a read and then ask your questions in the chat. We can research this topic together.
This article has multiple issues. Please help improve it or discuss these issues on the talk page. (Learn how and when to remove these messages)
This article contains promotional content. Please help improve it by removing promotional language and inappropriate external links, and by adding encyclopedic text written from a neutral point of view. (July 2022) (Learn how and when to remove this message)
The topic of this article may not meet Misplaced Pages's notability guidelines for companies and organizations. Please help to demonstrate the notability of the topic by citing reliable secondary sources that are independent of the topic and provide significant coverage of it beyond a mere trivial mention. If notability cannot be shown, the article is likely to be merged, redirected, or deleted.
Find sources: "Zerodium" – news · newspapers · books · scholar · JSTOR (July 2024) (Learn how and when to remove this message)
(Learn how and when to remove this message)
Zerodium
Founded2015; 10 years ago (2015)
HeadquartersWashington, D.C., United States
Area servedInformation security
Websitewww.zerodium.com

Zerodium is an American information security company. The company was founded in 2015 with operations in Washington, D.C., and Europe. The company develops and acquires zero-day exploits from security researchers

History

Zerodium was launched on July 25, 2015 by the founders of Vupen. The company pays bounties for zero-day exploits. A zero-day exploit is a cybersecurity attack that targets security flaws in computer hardware, software or firmware in order to maliciously plant malware, steal data, or damage the program. Bug bounty programs, including Zerodium, pay bounties for knowledge of these security flaws.

Zerodium was the first company to release a full pricing chart for zero-days, ranging from $5,000 to $1,500,000 per exploit. The company was reported to have spent between $400,000 to $600,000 per month for vulnerability acquisitions in 2015.

In 2016, the company increased its permanent bug bounty for iOS exploits to $1,500,000.

In September 2019, Zerodium increased its bounty for Android exploits to $2,500,000, and for the first time the company is paying more for Android exploits than iOS. Payouts for WhatsApp and iMessage have also been increased. The company is now reportedly spending between $1,000,000 to $3,000,000 each month for vulnerability acquisitions.

Criticism

Reporters Without Borders criticized Zerodium for selling information on exploits used to spy on journalists to foreign governments.

See also

References

  1. Andy Greenbrg (18 November 2015). "Here's a Spy Firm's Price List for Secret Hacker Techniques". Wired. Retrieved 26 August 2016.
  2. Sean Michael Kerner (21 September 2015). "Zerodium Offering a $1 Million iOS 9 Bug Bounty". eWeek.
  3. Lily Hay Newman (29 September 2016). "A Top-Shelf iPhone Hack Now Goes for $1.5 Million". Wired.
  4. Vaas, Lisa (9 January 2019). "Zerodium's waving fatter payouts for zero-day bug hunters". Archived from the original on January 9, 2019. {{cite journal}}: Cite journal requires |journal= (help)
  5. "RSF unveils 20/2020 list of press freedom's digital predators | Reporters without borders". RSF. 2020-03-10. Retrieved 2021-10-31.

External links

Categories:
Zerodium Add topic