Prices for Zero-Day Attacks – Which commands higher price Apple or Android?
For the first time ever, the security exploits broker Zerodium is paying a higher price for zero-day attacks that target Android than it pays for comparable attacks targeting iOS. An updated price list published Tuesday shows Zerodium will now pay $2.5 million apiece for “full chain (Zero-Click) with persistence” Android zero-days compared with $2 million for iOS zero-days that meet the same criteria. The previous program overview offered $2 million for unpublished iOS exploits but made no reference at all to the exploits for Android. Zerodium founder and CEO Chaouki Bekrar told Ars the broker paid on a “case by case basis depending on the chain” for Android exploits.