BETA
This is a BETA experience. You may opt-out by clicking here

More From Forbes

Edit Story

New Apple Malware Shock For 1+ Billion iPhone And iPad Users

Following
This article is more than 4 years old.

There’s a market for everything these days—including zero-day exploits. And, just as with more traditional markets, supply and demand sets the price. Scarcity pushes prices up, oversupply does the opposite. With that in mind, Apple’s billion-plus users should note that the market price for Android exploits has overtaken iOS with leading exploit broker Zerodium for the first time since it was founded. In fact, such is the “flood” of exploits now targeting iOS, that the broker is turning some away.

A full-chain (0-click, no user intervention) Android exploit now tops the payments menu at $2.5 million, while the same type of iOS attack software pays just $1 million, down from $1.5 million. Zerodium explains that “the amounts paid to researchers to acquire original zero-day exploits depend on the popularity and security level of the affected software/system, as well as the quality of the submitted exploit.”

So you can read into this that plenty of iOS exploits are doing the rounds. And just days after Apple suffered its most significant security setback in years, with the news that China successfully deployed a series of web hacks to target the iOS devices of Uighur Muslims, this is a further knock to the seeming primacy of Apple’s security.

Bad news for Apple. And worse news for the billion-plus iOS users around the world.

There is little surprise that messaging attacks are in high demand—that has been a persistent theme and runs in parallel with the shift to end-to-end encryption and the increased difficulties in accessing communications platforms.

According to a Zerodium statement, “during the last few months, we have observed an increase in the number of iOS exploits being developed and sold by researchers from all around the world. The zero-day market is so flooded by these iOS exploits that we've recently started refusing some them.”

While such exploits are usually designed for nefarious purposes, this brokerage of malware has “good-guys buying capabilities from bad guys” in mind. If you’re a law enforcement agency tired of being in the dark where it comes to suspect devices, this is a good place to come shopping.

And as with all other kinds of markets, pricing analysis uncovers significant trends that are impacting the market in real-time. Despite the news flow of the last week, this is a surprise as far as Apple is concerned with the impression having landed with many of its users that it significantly safer and more locked down that Android.

As the launch of iPhone 11 approaches, all eyes on Apple now as to what it does next and how it intends to restore security confidence in the brand.

Follow me on Twitter or LinkedIn