Russian Firm Willing to Pay $20 Million for iPhone, Android Zero-Day Exploits | #datingscams | #russianliovescams | #lovescams

We’ve seen companies offer millions for smartphone-hacking techniques, but now a mysterious Russian firm is dangling a $20 million bounty for attacks that can compromise an iPhone or Android device. 

The offer comes from Operation Zero, which says it’s a “Russian-based” platform that buys hacking details from security researchers. On Tuesday, the company said it’s raising the maximum payout for “top-tier mobile exploits” from $2.5 million to as much as $20 million, citing “high demand on the market.”

Specifically, the Russian firm—which only began tweeting in 2021—is looking for zero-day exploits, or attacks that leverage new and unpatched flaws in a phone’s software. 

Operation Zero wants details for a “full chain” attack, which can execute rogue computer code on a smartphone, elevate’s the hackers privileges, and bypass the software’s security checks. 

Participating researchers who hand over such hacking techniques can expect Operation Zero to sell it a “non-NATO country,” the company said. The website for Operation Zero also notes that all its clients are “Russian private and government organizations only.”

Hence, Operation Zero could be selling the hacking techniques to the Russian government, surveillance companies or even ransomware groups, which the US National Security Agency says have become rich enough to afford such attacks. (That said, the website for Operation Zero claims “No risk of exploits falling into the wrong hands.”)

Recommended by Our Editors

The bounty is certainly disturbing at a time when zero-day exploits for iOS have recently been spotted spreading spyware to opposition leaders and civil society groups. Still, the $20 million amount also shows it’s becoming costlier for governments and surveillance companies to acquire zero-day exploits, says Shane Huntley, Senior Director of Google’s Threat Analysis Group. “These rising prices are a good sign that we are making zero day more hard and expensive,” he tweeted.

By offering the staggering bounty, Operation Zero may also be trying to attract customers since Western sanctions against Russia have likely stymied its ability to send payments to clients.

Like What You’re Reading?

Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.

Click Here For The Original Source.

. . . . . . .