Cybersecurity firm offers ‘premium’ cash rewards to hackers who can break Tor
Now that iOS 9 has been jailbroken and the bounty of $1 million paid to the hackers for doing it, security firm, Zerodium has turned its sights on another big service, Tor anonymity network. It is offering premium cash rewards to hackers who can break the Tor anonymity network and reveal the identity of users around the world.
Breaking Tor seems to everyone’s favourite hack this weekend as it comes less than 24 hours after the Tor Project developers accused the Federal Bureau of Investigation of paying Carnegie Mellon University $1 million to attack Tor.
Zerodium is a security research company which pays high cash rewards to hackers and security researchers who find zero-day exploits. It makes money by paying hackers for exploits and then selling these very exploits to governments around the world, corporations in the defense, technology firms, and finance industries. Zero-days are critical software vulnerabilities that no one else has yet discovered. The company made headlines earlier this month when it rewarded $1 million to hackers who compromised the latest Apple iOS 9 operating system.
Zerodium’s price for new Tor zero-day exploits may reach as high as $30,000 to $1 million, according to Forbes. Zeriodium itself has not disclosed the amount it will pay for the Tor hack but emphasized that that hackers will be paid “premium rewards” for “focus on high-risk vulnerabilities,” which means that hackers can expect top dollar for their work.
Zero-days that break Tor “are the holy grail of exploits for government agencies in charge of criminal investigations,” Zerodium founder Zhaouki Bekrar told Forbes on Thursday.
Zerodium also advertises that it will pay for high-risk zero-day exploits in major operating systems, browsers and pretty much everything under the sun.
Not an iOS exploiter? You can still get big bounties with your Windows #0day exploits: Chrome, Firefox, Flash, etc https://t.co/fwqoXltsRR
— Zerodium (@Zerodium) November 10, 2015
Neither Tor nor Zerodium responded to a request for comment in time for publication.