Although Apple often takes serious note of jailbreak vulnerabilities, a hacking group has emerged with a formula to remotely jailbreak iOS 9 on an iPhone. The group has claimed $1m (£0.65m, €0.9m) for finding the new vulnerability.
Bug bounty startup Zerodium has received the claim for an iOS zero-day bounty that was scheduled to expire on 31 October. This was claimed to be the "world's biggest zero-day bug bounty programme" and called on experienced security researchers, reverse engineers and jailbreak developers to try find the security hole to remotely jailbreak iOS.
— Zerodium (@Zerodium) November 2, 2015
"Making the jailbreak remotely triggerable via Safari or Chrome requires at least two to three additional exploits compared to a local jailbreak," Zerodium founder Chaouki Bekrar told Motherboard.
Zerodium has not yet revealed the identity of the hacking group, but Bekrar mentioned that the winning team submitted the exploits just a few hours ahead of the expiration of the bounty. He said that a "number of vulnerabilities" have been found through the finding.
Apple did not respond to a request for comment on the vulnerability. However, it is expected that iOS would officially receive an update in the coming future to patch the vulnerabilities.
Jailbreaking iPhone is not new and the Chinese white hat hacking team Pangu recently gained access to iOS 9.