Popular 'Bug Broker' Stops Buying iOS Exploits Simply Because There Are Too Many Of Them

Bug squashing

A 'bug broker' that buys software security bugs and exploits from hackers suggests that it has more than a handful to deal with.

Zerodium is an American information security company founded in 2015, conducting business mainly by developing and acquiring premium zero-day exploits from third-parties.

The company then conduct research about security issues it acquired, to then report the protective measures and security recommendations to its clients.

The company has made its name, partly because in many cases, its payouts are much higher than Apple's official bug bounty program

And here, the company said that it stopping rewarding developers of several types of iOS exploits because it simply has too many of them.

The company on Wednesday that it'll pressing pause on acquiring any more local privilege escalation, remote code execution or sandbox escape exploits "for the next two to three months due to a high number of submissions."

Additionally, the company said that prices for certain types of iOS Safari one-click vulnerabilities will probably drop in the near future.

In a following tweet, Zerodium founder Chaouki Bekrar said that iOS security is "fucked."

That added to the fact that Apple lacked the persistence and a security mechanism in iOS 13, as Bekrar called that they are only two things keeping iOS's security from "going to zero."

One of the factors that caused Zerodium to come into this decision, is because of the novel 'COVID-19' coronavirus pandemic.

Just like any other companies, Zerodium is affected by the global lockdown and social restriction of its employees, in one way or another.

Because of this, Zerodium researchers may have more things to take care of, other than addressing security concerns of other companies.

And the other reason, is simply because iOS 13 is just unusually buggy.

This is a fact that led Apple software chief Craig Federighi to overhaul the development process for the next version of iOS.

"Let's hope iOS 14 is better," Bekrar said.