Security News > 2020 > May > Zerodium Expects iOS Exploit Prices to Drop as It Announces Surplus
Exploit acquisition firm Zerodium announced this week that it's no longer buying certain types of iOS exploits due to surplus, and the company expects prices to drop in the near future.
Zerodium said on Twitter it would no longer acquire iOS local privilege escalation, Safari remote code execution, and sandbox escape exploits in the next 2-3 months "Due to a high number of submissions related to these vectors."
The company says it expects prices to drop for one-click exploit chains that do not provide persistence.
"The spike is likely caused by the increased number of researchers looking into iOS and probably by the availability of public jailbreaks which are helping researchers to reverse engineer iOS devices more easily and find bugs faster. On the other hand, the number of Android submissions remains stable," Bekrar said.
According to its website, Zerodium is prepared to pay up to $2 million for iOS exploit chains that achieve persistence and require no user interaction.