A group of hackers has won a $1-million bounty offered by a company affiliated with NSA for remotely hacking the latest iPhone operating system.
The prize was offered by the French cybersecurity firm Zerodium as part of a challenge set to demonstrate the possibility of remotely jailbreaking devices running iOS 9.1.
The hack makes it easier for intelligence agencies such as the NSA and the CIA to spy on targets using devices with the new iOS. The few latest versions of the operating system had been reported not to be accessible remotely by any unauthorized third party.
When the bounty was announced back in September, a former NSA employee told online tech magazine Motherboard that the offered amount was significantly lower than the possible price tag “if you sell it to the right people.”
Companies such as Zerodium are known to offer higher rewards than standard tech companies for exposing security bugs. When independent entities expose the vulnerabilities, the bug-broker firms only announce the general information about the bug and sell the particular data and details to certain customers such as government intelligence agencies.
According to the company’s director, Chaouki Bekrar, tests are still being run to make sure the exploit chain “fully meets the bounty rules.” He noted that Apple will probably patch the vulnerabilities in “a few weeks to a few months.”