Hack Whatsapp and Get $500,000 (or Rs. 3 crores)

A Washington-based security firm, which specializes in acquiring and reselling zero-day exploits just offered $500,000 (INR 3 crore) for finding zero-day exploits in secure messaging platforms, including Whatsapp, Signal and Telegram.

A zero-day exploit is a security flaw in a software that is unknown even to the vendor. This security flaw is exploited by black-hat hackers before the vendor becomes aware and fixes it. Messengers like Whatsapp and Signal use end-to-end encryption and the payouts for exploiting these messengers proves that compromising these apps is no child’s play but as seen in the past, for the right price, even the most sophisticated can be hacked!

Ankush Johar, director at BugsBounty.com, said: “Surveillance agencies and governments are actively seeking and in some cases like UK, are demanding access to communication on encrypted messaging platforms with little luck. This $500,000 bounty does not come as a surprise. If anything it appears to be low.

"Right to privacy has been declared a fundamental right in India and citizens globally are demanding greater privacy. This could drive the price upwards to $1.5 million, like in the case of iOS previously.

"A Bug Bounty program is crowd sourcing of a defensive nature. This hunt for Zero-Days is offensive crowd sourcing of security vulnerabilities. Crowdsourced security is the ultimate solution for finding any possible security bug whether defensive or offensive, like in this case.

"Telegram had offered $200,000 to any hacker that could break their encryption back in 2014. Whatsapp also runs a bugs bounty program, but the $500,000 zero-day bounty highlights the heightened market demand for such security exploits.”