Crowdfense, a vulnerability research hub announced that they ready to pay $3 million USD per successful submission of iOS and Android zero-day vulnerability exploits.
In this year Crowdfense offering a larger 15M USD acquisition program to focus the important areas of research, inclusive of Networking Devices, WiFi/Baseband, and Messengers.
There are many researchers were paid nearly 10 million USD last year with this “Vulnerability Research Hub” (VRH) online platform.
Successful submission of the previously unreported bug, exclusive capabilities would be eligible to receive bounty range from 100,000 USD to $3 million USD.
Crowdfense would like to receive the zero-days for Windows, MacOS, iOS, Android and other various platforms and they categorized the different price for each vendor.
Windows and macOS zero bugs reporter eligible to receive upto 1.5 million USD and they particularly expecting the Chrome and Safari RCE bugs that related to sandbox escape.
Crowdfense is willing to pay up to $1.5 million to $3 Million for iOS, Android zero-day exploit interaction with iOS and Android PE.
Also other zero-day exploits such as instant messengers, SMS/MMS RCE, Routers RCE, and WiFi/baseband RCE eligible to receive up to 100k to 1.5 million USD.
According to Crowdfense, Within this program, Crowdfense evaluates only fully functional, top-quality 0-day exploits.
Apart from this, Crowdfense offered free high-level technical training sessions to hundreds of vulnerability researchers around the world.
“The first Researcher to submit indisputable proof of a fully working chain within the scope of our public Bug Bounty program will receive a 10% bonus on his/her payout (if Crowdfense decides to buy). For a working partial chain, the bonus will be 5%, calculated on the agreed payout.” Clowdfense said.