Advanced Security Solutions, a United Arab Emirates-based startup, is offering up to $20 million for hacking tools that exploit zero-day vulnerabilities capable of compromising any smartphone via a text message. The company lists bounties including $15 million for Android and iPhone zero-days, $10 million for Windows, $5 million for Chrome, and $1 million for Safari and Edge. Zero-days are flaws unknown to affected developers at discovery and are valuable to law enforcement and intelligence operations. The company claims cooperation with over 25 governments and staff with over 20 years of elite operational experience. Ownership, funding, customers, and any ethical or legal sale restrictions remain unclear; the company did not respond to inquiries.
Advanced Security Solutions launched this month and is now offering some of the highest prices, at least public ones, in the whole zero-day market. Zero-days are flaws in software that are unknown to the affected developer at the time of their discovery. These tools can be highly valuable for hackers, especially those working for law enforcement and intelligence agencies. Apart from the highest bounty of $20 million, which applies to any mobile operating system, the company also offers bounties for exploits in various software:
The website also says that while the company is new, "it is staffed exclusively by professionals with over 20 years of operational experience in elite intelligence units and private military contractors." Advanced Security Solutions did not respond to a series of questions, including who funds, owns, and runs the company, who the customers are, as well as whether the company has any self-imposed ethical, or legal restrictions on what governments to sell to.
Collection
[
|
...
]