Rewards of $500,000 will be offered for one-click remote code execution bugs.
Bounties of up to $1 million will be provided by the Zero Day Initiative for researchers reporting a zero-click remote code execution exploit in WhatsApp at this year's Pwn2Own Ireland hacking contest.
According to BleepingComputer, ZDI will offer rewards of $500,000 and $150,000 for one-click remote code execution and remote zero-click account takeover exploits, while discoveries of remote zero-click microphone or video feed access, remote zero-click user sensitive data access, and remote one-click user sensitive data access will merit bounties of $130,000 each.
"We also will have lesser cash awards for other WhatsApp exploits, so be sure to check out the Messaging section for full details. We introduced this category last year, but no one attempted it. Perhaps a number with two commas will provide the needed motivation," said ZDI, which awarded over $1 million in bounties for the discovery of more than 70 zero-days in last year's event.
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
