Hackers stole 187 million personal identities last year, with the average yield per data breach amounting to 1.1 million identities, Symantec said. Identity theft gleaned from lost or stolen PCs or mobile devices also exposed 18.5 million identities in 2011. And malicious attacks increased by 81 percent in comparison with Symantec’s 2010 estimates.
iOS hackers are some of the most sought after individuals in the security research community. Geniuses like Comex who come up with jailbreaks used by millions of iPhone and iPad users are offered incredible sums of money to sell their exploits to powerful and high profile clients.
Sure, you could win a decent amount of cash at a security conference for showing off the exploits you’ve uncovered, but why not make $250,000 and secretly sell your stuff to say, an entity like the U.S. government?
That’s exactly what a security researcher/middle man by the pseudonym of “Grugq” did for an unnamed iOS hacker. Located in Bangkok, Grugq made 15% commission off negotiating a $250,000 deal with a contact in the U.S. government. Grugq facilitated the transaction of the exploit information from the hacker in exchange for the 6-figure payout from the client.
Andy Greenberg from Forbes has put together a rundown of how much the average exploit sells for these days. The different price ranges are arranged by platform:
Windows exploits have always sold for more because of Microsoft’s larger market share presence in the PC space. Since Macs still only represent a fraction of desktop PCs sold every year, it’s much more cost-effective to create malware for the OS that the most people are using. You don’t see many viruses in the wild for OS X because there hasn’t been enough reason to target the platform.
What’s more surprising about Greenberg’s calculations is how little Android exploits are sold for in comparison with iOS. In fact, the average iOS exploit is worth far more than even a Windows exploit. It makes sense that browser are high up on the list, as they run on multiple platforms (for the most part) and serve as gateways to the internet. iOS, on the other hand, is the crème de la crème of platforms if you’re looking to sell an exploit.
Apple keeps iOS locked down tight. That’s why new jailbreaks always get so much coverage — they are feats of masterful hackery. Comex, the maker of the once-popular JailbreakMe tool for iOS 4.0, was reportedly offered 6 figures by multiple agencies to sell his iOS exploit. He ended up interning at Apple to help the company fortify the very platform he reverse engineered.
The people that make jailbreaks and find these kinds of exploits typically do security research work and consulting on the side. It’s a very lucrative, professional market that brings in millions and millions of dollars. Think about that next time you’re jailbreaking your iPhone.
Tech And Wealth 