Jailbreak community owes a lot to adept hackers who find and exploit weaknesses in the design of iOS mobile operating system, thus allowing Apple’s mobile gadgets to run unsanctioned software. It’s more often than not a neverending cat-and-mouse game between Apple and hackers that at the end benefits jailbreakers the most.
Say you’re an expert hacker who just figured an exploit in one of Apple’s products. You could report your findings directly to Apple and help them plug those holes with a software update.
But did you know you could also hand over this valuable information to an exploit broker who will sell it to a government agency and net you a decent profit, minus the broker’s commission? A U.S. government agency, to be precise…
That’s exactly what an exploit broker who goes by the nickname “Grusq” has been doing in the past twelve months. A South Africa native, Grusq started out by hooking up his hacker friends with contacts in government a year ago.
Realizing he might as well charge for his networking skills, he’s now on track to earn a million in revenue this year, 80 percent coming from the U.S. market. Just last month he elicited the $250,000 payout for an iOS zero-day vulnerability sold to a U.S. government contractor.
Forbes has the story:
That iOS exploit price represents just one of the dozens of deals the Grugq has arranged in his year-old side career as a middle man for so-called “zero-day” exploits, hacking techniques that take advantage of secret vulnerabilities in software.
It’s a legit biz and others do it, too! This includes the likes of small companies such as Vupen, Endgame and Netragard, but also major defense contractors like Northrop Grumman and Raytheon. So in a nutshell, a small portion of U.S. taxpayers’ dollars is being spent on purchasing zero-day exploits.
Other buyers might include the Russian mafia (“they pay very little money”), the Chinese government (“the market is very depressed”) and various parties in regions like the Middle East and the rest of Asia.
That JailbreakMe 3.0 exploit by hacker Comex? Agencies would have been willing to pay as much as a quarter of a million dollars “for exclusive use of the attack”, Grusq says. It’s just business and you get to deal with suits working for various government agencies. He puts its best:
You’re basically selling commercial software, like anything else. It needs to be polished and come with documentation. The only difference is that you only sell one license, ever, and everyone calls you evil.
In case you were wondering – yes, iOS exploits command a much higher price than those targeting Android:
An iOS exploit pays more than one that targets Android devices partly because it requires defeating Apple’s significantly tougher security features. That means most agencies can simply develop their own Android attacks, the Grugq says, while ones that can penetrate the iPhone are rare and pricey.
Here’s a rough price list for zero-day exploits that author Andy Greenberg put together based on input from his sources. Interesting enough, each price assumes an exclusive sale and not alerting the software’s vendor.
It goes without saying you need to get hooked up with a guy like Grusq with contacts in high places and negotiating skills to broker a deal for you. And most importantly, you have to be able to present a marketable and unique zero-day exploit.
Still, wouldn’t we all be this fortunate? Are folks like Grugq just savvy entrepreneurs or merchants of death trading the bullets of cyberwar?
Meet us in comments.