Published on January 6th, 2016 | Post Views: 4,000 Hits1
Zerodium offers $100,000 to hackers to breach Flash’s new security feature
Zerodium puts up a $100,000 bug bounty for Flash Zero-Day Exploit
Zerodium, the company that deals in exploits and zero-days has put up a fresh $100,000 bug bounty for zero-days in the new Flash security feature. Zerodium buys zero-day bugs from security researchers and then sells them forward to government intelligence agencies. It has already been in news for offering a $1 million bug bounty to a security researcher for a zero-day bug in Apple’s newly released iOS 9 mobile operating system.
Zerodium is offering $100,000 / €93,000 to the first security researcher/security researcher/hacker, who finds a zero-day bug capable of avoiding Flash’s new isolated heap protection. Adobe had deployed Heap Isolation in Flash version 18.0.0209 a few months back, with an aim at making the Use-After-Free (UAF) vulnerabilities more difficult for cybercriminals to exploit.
Adobe added isolated heap to Flash. This month we pay $100K (with sandbox) and $65K (without sandbox) per #exploit bypassing this mitigation
Heap Isolation was announced by Adobe in December and is Adobe’s latest weapon against cyber criminals and hackers. Isolated heap protection is a modern security technique that separates data processes inside the computer’s memory. Adobe worked with Google’s Project Zero developers to develop this feature and it was implemented in the Flash Player version 18.104.22.168.
“This change will limit the ability for attackers to effectively leverage use-after-free vulnerabilities for exploitation,” said Adobe in December.
The heap isolation technique has been difficult to crack as seen from the bounty offered by Zerodium. According to a price list published by Zerodium, the max payout for Flash zero-days is $80000. So the $20000 increment in this latest bug bounty is a certificate of sorts for heap isolation technique.
Adobe which has been a major victim of the Hacking Team data breach in June 2015, has taken steps to secure its ever flawed Flash Player.