Breaking Tor seems to everyone’s favourite hack this weekend as it comes less than 24 hours after the Tor Project developers accused the Federal Bureau of Investigation of paying Carnegie Mellon University $1 million to attack Tor. Zerodium is a security research company which pays high cash rewards to hackers and security researchers who find zero-day exploits. It makes money by paying hackers for exploits and then selling these very exploits to governments around the world, corporations in the defense, technology firms, and finance industries. Zero-days are critical software vulnerabilities that no one else has yet discovered. The company made headlines earlier this month when it rewarded $1 million to hackers who compromised the latest Apple iOS 9 operating system. Zerodium’s price for new Tor zero-day exploits may reach as high as $30,000 to $1 million, according to Forbes. Zeriodium itself has not disclosed the amount it will pay for the Tor hack but emphasized that that hackers will be paid “premium rewards” for “focus on high-risk vulnerabilities,” which means that hackers can expect top dollar for their work. Zero-days that break Tor “are the holy grail of exploits for government agencies in charge of criminal investigations,” Zerodium founder Zhaouki Bekrar told Forbes on Thursday. Zerodium also advertises that it will pay for high-risk zero-day exploits in major operating systems, browsers and pretty much everything under the sun.
— Zerodium (@Zerodium) November 10, 2015 Neither Tor nor Zerodium responded to a request for comment in time for publication.
