- Amanda Holden’s bad coronavirus advice sheds light on the struggle of being immunocompromised Friday 9:03 PM
- The World Health Organization is now fighting coronavirus misinformation on TikTok Friday 8:43 PM
- Police are using coronavirus misinformation to trick people into turning in drugs Friday 8:11 PM
- People can’t stop touching their faces–and the CDC really wants them to Friday 7:31 PM
- A TikTok of a girl getting an abortion is going viral—and the internet is divided Friday 3:06 PM
- FCC proposes $200 million fine for T-Mobile, others over data sharing Friday 3:03 PM
- Which ‘Love is Blind’ couples are still together? Friday 2:01 PM
- Review: ‘The Invisible Man’ reboot is thrilling but basic Friday 1:25 PM
- Sex workers speak out after OnlyFans leak Friday 1:21 PM
- Normani addresses Camila Cabello’s racist social media posts Friday 1:07 PM
- Mike Huckabee’s defense of Trump’s coronavirus response will make you nauseous Friday 12:06 PM
- Gmail’s email filtering may affect what candidate emails you are seeing Friday 11:08 AM
- Woman shares aftermath of domestic abuse: ‘This is only to raise awareness’ Friday 10:40 AM
- Skai Jackson gets restraining order against Bhad Bhabie after death threat Friday 10:19 AM
- Taylor Swift shades Scooter Braun in ‘The Man’ video Friday 10:15 AM
Cybersecurity firm offers ‘premium’ cash rewards to hackers who can break Tor
Will this make the company a target?
A big pay day is coming to the hacker who can break the Tor anonymity network and reveal the identity of users around the world.
Less than 24 hours after the Tor Project accused the Federal Bureau of Investigation of paying Carnegie Mellon University $1 million to attack Tor and out its users, a prominent security startup called Zerodium is now offering to pay hackers who find new ways to crack Tor’s security.
Zerodium pays high cash rewards to hackers and security researchers who find zero-day exploits. Zero-days are critical software vulnerabilities that no one else has yet discovered. The company made headlines earlier this month when it rewarded $1 million to hackers who compromised the newest iPhone.
Zerodium’s price for new Tor zero-day exploits may reach as high as $30,000, according to Forbes. The company emphasizes the “premium rewards” and “focus on high-risk vulnerabilities,” phrases that overtly promise hackers they’ll be paid top dollar for their work.
The startup makes money by paying hackers for exploits and then selling them to corporations in the defense, technology, and finance industries. The company also sells zero-day exploits to governments.
Roger Dingledine, Tor’s project leader, said on Wednesday that these kind of initiatives are “‘experiments’ for pay that indiscriminately endanger strangers without their knowledge or consent.”
Zerodium also advertises that it will pay for high-risk zero-day exploits for everything ranging from all major operating systems, Web browsers, servers, mobile phones, Web applications, email, and more.
Much of the zero-day industry in which Zerodium works has been highly criticized by security researchers who say selling zero-day exploits to governments and corporations is unethical and dangerous.
Just minutes after Zerodium announced that they were targeting Tor, many publicly wondered if the company would be targeted by hackers themselves in retaliation for the cash reward to break anonymity.
Neither Tor nor Zerodium responded to a request for comment in time for publication.
Photo via hexidecimal/Flickr (CC BY SA 2.0) | Remix by Fernando Alfonso III
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.