Company Places Bounty on WhatsApp and Signal Bugs


Half a million dollars is available to the hacker who can crack into the encrypted messaging apps.

More than 1 billion people looking to keep their conversations private rely on encrypted apps like WhatsApp and Signal. But all those people—including government employees—and their sensitive communications could be at risk. 

A company that specializes in discovering and selling zero-day exploits has its sights set on the two apps.

Zerodium, which bills itself as "the premium exploit acquisition program," announced Wednesday it is offering $500,000 for weaponized exploits that would allow them to access your device without your knowledge.

» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.

If and when Zerodium obtains these tools, the company would hand them over to an anonymous client base. The company has been previously criticized for using methods that could allow those zero-days to end up in the hands of organizations and governments looking to crack down on journalists and dissidents, Ars Technica reported

The company's website claims, however, that its customers are "major corporations in defense, technology, and finance, in need of advanced zero-day protection, as well as government organizations in need of specific and tailored cybersecurity capabilities." 

Encryption apps aren't the only thing Zerodium is targeting. The company is also offering $1.5 million for a way to remotely jailbreak an iPhone.

This news should serve as a reminder keep your smartphone and all of your apps up to date. Nothing will make your device hack-proof, but updates go a long way to keep out unwanted guests.