The motherboard website reports that Crowdfense startup has launched a so-called bug-bounty, which is used to denote cash prizes paid to uncover previously-unknown vulnerabilities.
Zero-day exploits are flaws or vulnerabilities that are still unknown to developers, in this case Google, Apple, or Microsoft. This allows companies like Crowdfense to take advantage of the gap, such as the development of jailbreak tools.
However, there have also been cases in which zero-day exploits sell to law enforcement and intelligence agencies Crowdfense director Andrea Zapparoli said.
“We focus only on tools that aim to conduct law enforcement or intelligence activities, not to destroy or degrade the functionality and effectiveness of the target systems, but only to gather information”, Zapparoli in a telephone interview with 9to5Mac.
The company is only interested in exploits for macOS, iOS, Android and Windows and not in security holes in hardware or critical infrastructure.
The Budget for the Bug Bounty program is currently limited to $ 10 million. Those willing to collaborate with the company are not announced at this time.
In 2016, Apple launched its own bug bounty program to detect bugs such as zero-day exploits. However, Apple did not pay well enough – hacker groups sometimes spent much more than the $ 200,000 that Apple promises to the maximum.