A new United Arab Emirates -based start offers up to $ 20 million for hacking tools that could help governments break into any smartphone with a text message.
Advanced security solutions started this month and now offers Some of the highest valuesAt least publicly, all over the zero day market. Zero days are defects in software that are unknown to the developed programmer at the time of their discovery. These tools can be extremely valuable to hackers, especially those working for law enforcement and information.
In addition to the highest generosity of $ 20 million, which applies to any mobile operating system, the company also offers bounties for farms in various software: $ 15 million for the same type of zero days for Android devices and iPhones. $ 10 million for Windows. $ 5 million for Chrome. $ 1 million for Apple’s Safari and Microsoft Edge browsers, among others.
It is not clear who is behind the company and its customers.
“We strengthen government services, information services and law enforcement to operate precisely on the digital battlefield,” the company’s website said. “We maintain continuous cooperation with more than 25 Governments and Intelligence Services worldwide. Our customers are firmly returning for new services, reflecting the trust and strategic value we provide in high -stage operational frameworks, including the control of counterterrorism and drugs.”
The site also states that while the company is new, “it is staffed exclusively by professionals with over 20 years of operational experience in elite information units and private military contractors”.
Advanced security solutions have not answered a series of questions, including its funds that possess and manage the company, who are customers, and whether the company has any self -contained moral or legal restrictions in which governments to sell.
Contact us
Do you have more information on advanced security solutions or other zero -day providers? From a non-work device, you can contact Lorenzo Franceschi-bicchierai safely on the signal on +1 917 257 1382, or via the telegraph and keybase @lorenzofb or email. You can also contact TechCrunch via securedrop.
A security researcher with experience in the world of zero days told TechCrunch that the prices offered by advanced security solutions are approximately according to the current market.
“Normally these advertising prices are in the ball park,” the man told TechCrunch on the condition of anonymity to speak honestly about the zero -day industry. The person added that the generosity of $ 20 million “is low depending on how ruthless you are.”
The researcher also warned that, personally, he would not deal with a company that does not reveal who is behind it, as in this case. “I don’t think you have to sell errors to anyone trying to hide who they are,” he said.
The market for zero days has expanded significantly over the last 10 years, both in terms of the number of companies involved and the prices offered.
In 2015, Zerodium, a broker who is very similar to advanced security solutions, also acquires zero days from researchers and reselling them to governments, was one of the first companies to publish their pricelist. At that time, the company founded by veteran Exploit Broker Chaouki Bekrar offered up to $ 1 million for tools to hack iPhones. Then, three years later, came crwdfense Offering $ 3 million for the same type of zero days.
More recently, zero -day prices have soared, partly because there is more demand and also because it is becoming more and more difficult to chart modern devices and software, thanks to large technology companies that improve their safety.
Last year, Crowdfense published the new price list, which offered up to $ 7 million for zero days to enter iPhones and $ 5 million for the same type of farms for Android. Customers can also buy zero days for specific applications, special messages such as WhatsApp (up to $ 8 million) and the telegram (up to $ 4 million).
For its part, advanced security solutions say it offers $ 2 million for the telegram, signal and Whatsapp Zero-Days.
Russian Zero Day Company Operation Zero was a market divergence, offering up to $ 20 million for the same type of farms looking for advanced security solutions. The Operation Zero is in a unique position because it says it only operates with the Russian government and for many researchers in the US and Europe, it is illegal to sell hacking tools in Russia, which means that the Zero function can have a harder time to find what it is looking for.
We always try to evolve and by providing some image of your perspective and feedback on TechCrunch and our coverage and events, you can help us! Complement this investigation To let us know how we do and have the opportunity to win a prize in return!
