Popular Tor Browser is the main resource for fast and secure access to the Tor network and that makes it a very tempting target. However attempt to find cracks in its armor, the most effective way to attract hackers is with juicy rewards . After offering up to half a million dollars for bugs in messengers such as WhatsApp and Telegram, Zerodium people have confirmed that it will distribute one million dollars among those researchers who deliver new 0-day vulnerabilities in the Tor Browser.
The Tor network will probably be one of the best choice when it comes to browsing with security, privacy and anonymity. There are many groups interested in discovering security holes, and for logical reasons concentrate their firepower on the popular Tor Browser . Your security has improved, and mitigation mechanisms in the latest operating systems make it more complicated to a direct attack, however, we all know that it is not a perfect solution , and that there are errors in your code waiting to be discovered.
That's when the security company Zerodium appears , which is willing to hand out up to a million dollars in prizes in exchange for 0-day vulnerabilities affecting the Tor Browser under Windows 10 and Tails Linux 3.x. The final amounts depend on the security parameters, but the biggest reward is $ 250 thousand (the attack has to work with JavaScript blocked) , while the smallest offers a not inconsiderable $ 75 thousand. Unsurprisingly, Zerodium established a series of rules for his campaign. The "jobs"must be new, unique and unknown, with a web page functioning as the initial attack vector, and the ultimate goal of each exploit is remote code execution.
Rules and Payouts
Software / OS | JavaScript Blocked (Security Settings: HIGH) | JavaScript Allowed (Default) (Security Settings: Low) | ||
RCE+LPE to Root/SYSTEM | RCE Only (No LPE) | RCE+LPE to Root/SYSTEM | RCE Only (No LPE) | |
Tor Browser on Tails 3.x (64bit) AND on Windows 10 RS3/RS2 (64bit) | $250,000 | $185,000 | $125,000 | $85,000 |
Tor Browser on Tails 3.x (64bit) OR on Windows 10 RS3/RS2 (64bit) | $200,000 | $175,000 | $100,000 | $75,000 |
Visit official announcement page : Click here
0 Comments:
Post a Comment