A new bug bounty program launched by Zerodium, the private firm known to market exploits, is offering hackers a payout of up to $1m (£746,568) for finding zero-day vulnerabilities that affect the Tor Browser. The bug bounty program comes with a deadline – 30 November 2017 – before which unknown Tor flaws on Tails Linux and Windows must be submitted.

However, Zerodium says that if the firm has already paid out the $1m bounty and has achieved what it wants before the deadline, it may terminate the program prior to the expiration date.

"With the increased number (and effectiveness) of exploit mitigations on modern systems, exploiting browser vulnerabilities is becoming harder every day, but still, motivated researchers are always able to develop new browser exploits despite the complexity of the task, thanks to their skills and a bit of scripting languages such as JavaScript," Zerodium said in a statement.

Zerodium said that it will also pay for exploits that work in a JavaScript-enabled session, but that the payout for such exploits will be lower, ranging between $75,000 and $250,000. The firm also specified that it would not accept any exploits that would require "control or manipulation of Tor nodes" or that would disrupt the Tor network.

"The research must rely on exclusive, unknown, unpublished, and unreported zero-days, and must bypass all exploit mitigations applicable to each target category. The exploit must be fully functional, reliable, and leading to remote code execution on the targeted OS either with privileges of the current user or with unrestricted root/SYSTEM privileges," Zerodium said.

The firm also said that the entire attack using the exploit should function "silently". In other words, the attack should not alert the target by triggering any messages or pop-up windows. The attack also shouldn't require any "user interaction," apart from visiting a web page. This means that exploits that depend on phishing or other ways of engaging the user are out. However, Zerodium says that it may "at its sole discretion, make a distinct offer to acquire such exploits."

The Tor Browser is known to be used by the general public, journalists, activists and others. Earlier in the year the Tor Project launched its first bug bounty program.