Cyber security firm offers million dollars for Apple hack

Apple senior vice-president of worldwide marketing Phil Schiller speaks about iOS 9 availability at a Sept 9 Apple special event. AFP

PARIS (AFP) - Computer security firm Zerodium on Tuesday offered a US$1 million (S$1.4 million) bounty to hackers who can find a way to breach Apple's latest iOS 9 mobile operating system.

Zerodium, launched early this year in the United States by French online security expert Chaouki Bekrar, said it would pay out US$1 million each to as many as three people or teams who manage to break into iPhones or iPads equipped with the iOS 9 software.

To win the money, hackers must use a web page or text message to remotely bypass the iOS 9 security and discretely install an application on the iPhone or iPad by Oct 31, the company said in an online statement.

The hackers must exploit previously unknown weaknesses in the security system.

Apple's operating system is the most secure on the market, Zerodium said.

"But don't be fooled. Secure does not mean unbreakable, it just means that iOS has currently the highest cost and complexity of vulnerability exploitation and here is where the million dollar iOS 9 bug bounty comes into play."

Zerodium says it rewards independent researchers for discovering new software vulnerabilities.

It then analyses the security data to help corporate and government agency clients to beef up their online defences.

"The strength of iOS is essentially based on layers of security that are individually vulnerable but extremely effective together. It is nevertheless to possible to attack each of these elements, which is a fairly long and costly process," Bekrar told AFP.

Several researchers had expressed interest in the bounty, said the Zerodium boss.

Apple had not been consulted about the bounty, he added.

Apple, which launched iOS 9 on Sept 16, was not immediately available to comment.

Join ST's Telegram channel and get the latest breaking news delivered to you.