- Beyoncé’s ‘Lemonade’ is finally coming to Spotify, Apple Music Wednesday 8:48 PM
- Ubisoft is offering Assassin’s Creed Unity for free to support Notre Dame Wednesday 8:25 PM
- Are teens really eating foods with the ‘shells on’ for a new viral challenge? Wednesday 6:39 PM
- The new Samsung Galaxy Fold already seems to be falling apart Wednesday 4:17 PM
- Think the ‘Game of Thrones’ spirals are all connected? Think again Wednesday 3:13 PM
- Rudy Giuliani retweets prominent QAnon supporter Wednesday 2:03 PM
- India bans TikTok over concerns of child endangerment Wednesday 2:00 PM
- JJ Abrams says there’s more to Rey’s origin story Wednesday 1:16 PM
- Lisa Ann says Equinox trainer looked up her number and sent her a creepy text Wednesday 1:01 PM
- 8 essentials every grad needs to succeed as an adult Wednesday 1:00 PM
- Makeup artist shows you how to become Kylie Jenner’s baby Wednesday 12:54 PM
- People are more concerned with this woman’s age than her being a school shooting threat Wednesday 12:14 PM
- Why are conservatives so obsessed with cargo shorts? Wednesday 11:46 AM
- How to transfer your Nintendo Switch save data Wednesday 11:45 AM
- Trans military ban causes student to lose ROTC scholarship Wednesday 11:04 AM
Cybersecurity firm offers ‘premium’ cash rewards to hackers who can break Tor
Will this make the company a target?
A big pay day is coming to the hacker who can break the Tor anonymity network and reveal the identity of users around the world.
Less than 24 hours after the Tor Project accused the Federal Bureau of Investigation of paying Carnegie Mellon University $1 million to attack Tor and out its users, a prominent security startup called Zerodium is now offering to pay hackers who find new ways to crack Tor’s security.
Zerodium pays high cash rewards to hackers and security researchers who find zero-day exploits. Zero-days are critical software vulnerabilities that no one else has yet discovered. The company made headlines earlier this month when it rewarded $1 million to hackers who compromised the newest iPhone.
Zerodium’s price for new Tor zero-day exploits may reach as high as $30,000, according to Forbes. The company emphasizes the “premium rewards” and “focus on high-risk vulnerabilities,” phrases that overtly promise hackers they’ll be paid top dollar for their work.
The startup makes money by paying hackers for exploits and then selling them to corporations in the defense, technology, and finance industries. The company also sells zero-day exploits to governments.
Roger Dingledine, Tor’s project leader, said on Wednesday that these kind of initiatives are “‘experiments’ for pay that indiscriminately endanger strangers without their knowledge or consent.”
Zerodium also advertises that it will pay for high-risk zero-day exploits for everything ranging from all major operating systems, Web browsers, servers, mobile phones, Web applications, email, and more.
Much of the zero-day industry in which Zerodium works has been highly criticized by security researchers who say selling zero-day exploits to governments and corporations is unethical and dangerous.
Just minutes after Zerodium announced that they were targeting Tor, many publicly wondered if the company would be targeted by hackers themselves in retaliation for the cash reward to break anonymity.
Neither Tor nor Zerodium responded to a request for comment in time for publication.
Photo via hexidecimal/Flickr (CC BY SA 2.0) | Remix by Fernando Alfonso III
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.