Hackers offered $500,000 for WhatsApp and Signal exploits

Jack Morse

August 23, 2017 at 8:19 PM

How much is your privacy worth? Does $499,999 sound about right? Because it might soon be sold out for only a dollar more.

A company that specializes in acquiring and reselling zero-day exploits has set its sights on Signal and WhatsApp, two popular secure mobile messaging platforms, and is offering serious cash to hackers willing to play ball.

On August 23, Washington DC-based Zerodium promised up to $500,000 for tools that permit remote code execution and local privilege escalation on the apps. Basically, the company wants the ability to get at your device without you ever being the wiser.

"ZERODIUM pays premium bounties and rewards to security researchers to acquire their original and previously unreported zero-day research affecting major operating systems, software, and devices," the company explains on its website. "While the majority of existing bug bounty programs accept almost any kind of vulnerabilities and [proof of concepts] but pay very low rewards, at ZERODIUM we focus on high-risk vulnerabilities with fully functional exploits, and we pay the highest rewards on the market."

Essentially, if you can give the company an already functioning tool, it's more than happy to fork over big bucks.

Importantly, the company wants the power to crack more than just Signal and WhatsApp — tools for remotely jailbreaking an iPhone will earn you up to $1.5 million — but the fact that it's willing to drop so much money on the apps speaks to their importance when it comes to Zerodium's mysterious client base.

Image: zerodium

And just who, exactly, are Zerodium's customers? The company won't name names, but its website does provide some clues.

"ZERODIUM customers are major corporations in defense, technology, and finance, in need of advanced zero-day protection, as well as government organizations in need of specific and tailored cybersecurity capabilities."

Making this all even sketchier, other zero-day brokers have been accused of using zero days to target dissidents and journalists. Notably, in 2016 the NSO Group reportedly used its iPhone exploits to track a human rights activist in the United Arab Emirates. Mashable reached out to Zerodium in an attempt to determine more about its customers, however, has not received a response as of press time.

So what, if anything, does this mean for you? Counterintuitively, it could be read as good news. The fact that Signal and WhatsApp zero days are toward the top of Zerodium's price list suggests that the exploits are highly sought after — i.e. not currently in the company's arsenal.

That's just speculation, of course. But even if Zerodium does end up scoring these zero days quickly, unless you're a high-value target, no one is likely to spend all that cash to read your messages only to risk the vulnerability getting discovered or patched

Regardless, make sure to keep all your apps updated. Although by definition updates won't protect you from zero days, they're still one of the best ways to protect your device from attackers.

Oh, and value what privacy you do have. It's obviously an expensive luxury.

WATCH: The most epic images from the 2017 total solar eclipse

Https%3a%2f%2fvdist.aws.mashable.com%2fcms%2f2017%2f8%2f59ca5236 5fc2 fe34%2fthumb%2f00001

Yahoo Sports
Dolphins owner Stephen Ross reportedly declined $10 billion for team, stadium and F1 race
The value of the Dolphins and Formula One racing is enormous.
Yahoo Sports
MVP Nikola Jokić headlines All-NBA teams alongside Shai Gilgeous-Alexander, Luka Dončić
The All-NBA selection was the sixth for Jokić, who was awarded his third MVP trophy in four seasons on May 8.
Yahoo Finance
Under Armour is collapsing — And Kevin Plank has to take the blame
The Under Armour meltdown continues.
Yahoo Sports
Yankees owner Hal Steinbrenner says team's payroll, 3rd in MLB, 'not sustainable for us financially'
Maybe not what Yankees fans want to hear ahead of Juan Soto's free agency.
Yahoo Sports
UFC Vegas 92: Piera Rodríguez DQ'd for multiple illegal headbutts vs. Ariane Carnelossi
Rodríguez was warned by the ref to watch her head. She responded by headbutting her opponent even harder.
Yahoo Sports
Report: Fanatics files lawsuit against Cardinals rookie WR Marvin Harrison Jr. for breach of contract
Marvin Harrison Jr., Fanatics said, “rejected or ignored every request” from the company while refusing to fulfill obligations of their contract that was signed last May.
Yahoo Sports
PGA Championship: Will Zalatoris says group of players considered asking for postponement after death, Scottie Scheffler arrest
It was a surreal day at the PGA Championship.
Yahoo Sports
The Spin: Making a call on 5 slumping fantasy baseball stars
All five of these hitters were drafted highly in fantasy baseball leagues. So far, they have not lived up to their ADPs — and that's an understatement. Scott Pianowski analyzes.
Yahoo Sports
Tied for the most bets for No. 1 overall pick in NBA Draft is ... Bronny James?
The co-leader in bets for the No. 1 overall pick is a stunner.
Yahoo Sports
Best and worst NFL offseasons with the Ringer's Steven Ruiz | The Exempt List
Charles McDonald is joined by Steven Ruiz of The Ringer to break down which teams had the best and worst offseasons in the NFL
Yahoo Finance
'Demand is just so strong': Nvidia CEO Jensen Huang tells Yahoo Finance supply can't keep up
Nvidia's quarterly results blew away estimates again on Wednesday, and as the company moves to its next-generation chips its CEO sees supply, not demand, serving as its biggest challenge.
Yahoo Finance
Tesla stock pops after company reveals new details, deliveries for its semitruck program
Robotaxis, low-cost cars, and the Cybertruck aren't stopping Tesla from pushing ahead with its new semitruck, which is set to reach customers by 2026.
Autoblog
2025 Honda Civic Hybrid revealed, plus Civic-wide design and tech updates
The 2025 Honda Civic is here, and it lands as the 11th generation’s mid-cycle refresh.
Yahoo Sports
Are the Phillies really this good? Or has their schedule just been easy?
With largely the same group of players as the past two seasons, the answer for Philadelphia can be both.
Yahoo Sports
Mother sues LaMelo Ball after he allegedly drove over 11-year-old son's foot and broke it at a fan event
LaMelo Ball allegedly drove away and ran over an 11-year-old's foot when he was trying to get Ball's autograph at a Hornets fan event last fall.
Yahoo Sports
Struggling Cardinals, Blue Jays among 3 teams that could spark life into the MLB trade deadline
If teams like St. Louis and Toronto decide to pull the plug on this season, some big names could become available on the trade market this summer.
Yahoo Sports
The Mavericks' major gambles pay off as Luka Dončić, Kyrie Irving lead charge to West finals
Shrewd moves and timely deals have the aggressive Mavericks moving on in the postseason — and perhaps to an even better tomorrow.
Yahoo Sports
Preakness Stakes 2024 winner, payouts, results: Seize the Grey wins at Pimlico, Mystik Dan finishes 2nd, ending Triple Crown bid
Live updates from the 149th Preakness Stakes at Pimlico Race Course in Baltimore
Yahoo Sports
Auburn RB Brian Battie critically wounded in Sarasota shooting
Battie's older brother Tommie was killed and three others were shot early Saturday morning .
Yahoo Sports
Oneil Cruz hitting angry, Shohei Ohtani leading the league, the Royals are turning heads with Jake Eisenberg
Jake Mintz & Jordan Shusterman talk about Oneil Cruz's smashing night at the dish, Kyle Tucker and Shohei Ohtani leading the league and are joined by Royals broadcaster Jake Eisenberg to talk about Kansas City’s success in 2024.

News

Life

Entertainment

Finance

Sports

New on Yahoo

Hackers offered $500,000 for WhatsApp and Signal exploits

WATCH: The most epic images from the 2017 total solar eclipse

Recommended Stories

Dolphins owner Stephen Ross reportedly declined $10 billion for team, stadium and F1 race

MVP Nikola Jokić headlines All-NBA teams alongside Shai Gilgeous-Alexander, Luka Dončić

Under Armour is collapsing — And Kevin Plank has to take the blame

Yankees owner Hal Steinbrenner says team's payroll, 3rd in MLB, 'not sustainable for us financially'

UFC Vegas 92: Piera Rodríguez DQ'd for multiple illegal headbutts vs. Ariane Carnelossi

Report: Fanatics files lawsuit against Cardinals rookie WR Marvin Harrison Jr. for breach of contract

PGA Championship: Will Zalatoris says group of players considered asking for postponement after death, Scottie Scheffler arrest

The Spin: Making a call on 5 slumping fantasy baseball stars

Tied for the most bets for No. 1 overall pick in NBA Draft is ... Bronny James?

Best and worst NFL offseasons with the Ringer's Steven Ruiz | The Exempt List

'Demand is just so strong': Nvidia CEO Jensen Huang tells Yahoo Finance supply can't keep up

Tesla stock pops after company reveals new details, deliveries for its semitruck program

2025 Honda Civic Hybrid revealed, plus Civic-wide design and tech updates

Are the Phillies really this good? Or has their schedule just been easy?

Mother sues LaMelo Ball after he allegedly drove over 11-year-old son's foot and broke it at a fan event

Struggling Cardinals, Blue Jays among 3 teams that could spark life into the MLB trade deadline

The Mavericks' major gambles pay off as Luka Dončić, Kyrie Irving lead charge to West finals

Preakness Stakes 2024 winner, payouts, results: Seize the Grey wins at Pimlico, Mystik Dan finishes 2nd, ending Triple Crown bid

Auburn RB Brian Battie critically wounded in Sarasota shooting

Oneil Cruz hitting angry, Shohei Ohtani leading the league, the Royals are turning heads with Jake Eisenberg