Browser-Based iOS 9.1/9.2 Jailbreak Wins $1M Bounty, Will Be Sold for Corporate and Government Use - MacRumors
Skip to Content

Browser-Based iOS 9.1/9.2 Jailbreak Wins $1M Bounty, Will Be Sold for Corporate and Government Use

by

remotejailbreakEarlier this month, exploit acquisition platform Zerodium debuted an iOS 9 bug bounty that would pay out up to three million dollars to hackers who managed to develop a browser-based untethered jailbreak for iOS 9, which it could then sell to clients interested in shelling out a lot of money to gain illicit access to iOS devices.

The contest expired at the end of October, and Zerodium today announced one hacking team had successfully created a browser-based jailbreak for iOS 9.1 and iOS 9.2, the latest versions of iOS 9, earning $1 million.

Zerodium foundar Chaouki Bekrar told Wired that the exploit developed by the hackers will be given to its customers, which include major technology, finance, and defense corporations, along with government agencies. The contest rules required the exploit to be achievable remotely without requiring user interaction beyond reading a text message or visiting a website via Chrome or Safari on an iOS device.

Bekrar confirmed that Zerodium plans to reveal the technical details of the technique to its customers, whom the company has described as "major corporations in defense, technology, and finance" seeking zero-day attack protection as well as "government organizations in need of specific and tailored cybersecurity capabilities."

Because it's selling the jailbreak ("likely" to U.S. customers only), Zerodium does not plan to report the vulnerabilities in the operating system to Apple, though Bekrar says the company may share the details at a later date. The jailbreak also won't be provided to the general public, but Bekrar says Zerodium announced the results of the contest to remind people that while iOS security is "very hardened," it's not unbreakable.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Tags: Jailbreak, Zerodium

Popular Stories

iOS 26

iOS 26.4 Adds Two New Features to CarPlay

Tuesday March 24, 2026 1:55 pm PDT by
iOS 26.4 was released today, and it includes a couple of new features for CarPlay: an Ambient Music widget and support for voice-based chatbot apps. To update your iPhone 11 or newer to iOS 26.4, open the Settings app and tap on General → Software Update. CarPlay will automatically offer the new features so long as the iPhone connected to your vehicle is running iOS 26.4 or later....
Read Full Article25 comments
Apple Business hero

Apple Unveils 'Apple Business' All-in-One Platform

Tuesday March 24, 2026 8:53 am PDT by
Apple today announced Apple Business, a new all-in-one platform that unifies device management, productivity tools, and customer outreach features. The service is designed to be a consolidated replacement for several of Apple's existing business-focused offerings, including Apple Business Essentials, Apple Business Manager, and Apple Business Connect. It provides organizations with a single...
Read Full Article46 comments
AirPods Pro Firmware Feature

Apple Releases New Firmware for AirPods Pro 3, AirPods Pro 2 and AirPods 4

Tuesday March 24, 2026 12:31 pm PDT by
Apple today released new firmware for the AirPods Pro 2, AirPods Pro 3, and the AirPods 4. The firmware has a version number of 8B39, up from 8B34 on the AirPods Pro 3, 8B28 on the AirPods Pro 2, and 8B21 on the AirPods 4. There is no word on what's included in the firmware, but Apple has a support document with limited notes. Most updates are limited to bug fixes and performance...
Read Full Article88 comments

Top Rated Comments

L
locoboi187
136 months ago
This is very very bad. This is going to be abused by either our government or another malicious party. For example, all one would need to do is inject the exploit in an unencrypted WiFi to gain complete control over a phone since this is a browser based hack.
Score: 26 Votes (Like | Disagree)
K
KALLT
136 months ago
Folks, this is just a jailbreak, it's neither illegal, nor can it be applied to a phone whose owner doesn't want it, just like all the other jailbreaks over the years.
The contest rules required the exploit to be achievable remotely without requiring user interaction beyond reading a text message or visiting a website via Chrome or Safari on an iOS device.
What do you think a jailbreak is? It's just a fancy name for an exploit that you want to use. If applied against your will or without your knowledge it is simply malware.
Score: 21 Votes (Like | Disagree)
2
2457282
136 months ago
Hopefully, Apple who is sneaky is actually one of the customers and will plug the hole quickly. Yes wishful thinking, we might get a plug if the hole goes public and then probably in iOS 10. (SMH)
Score: 15 Votes (Like | Disagree)
J
jim.arrows
136 months ago
Buy Apple they said. It's secure they said.
The fact that they're offering $1M for someone to develop the breach should make you feel very good about the overall security of the system... if it was easy nobody would pay $1M for it.
Score: 14 Votes (Like | Disagree)
sirdir Avatar
sirdir
136 months ago
uninstalling Chrome browser on my iPhone today.
the winning team for the hack probably gains entry through the Chrome browser, not Safari on iOS.
As Chrome is forced to use webkit as a renderer, I don't think it makes a diference what browser you're using.
Score: 13 Votes (Like | Disagree)
Speedman100 Avatar
Speedman100
136 months ago
Um is this like legal?
Score: 12 Votes (Like | Disagree)
Read All Comments