Zerodium
   HOME

TheInfoList



Click Here for Items Related To - Zerodium
OR:
Zerodium on:   [Wikipedia]   [Google]   [Amazon]

Zerodium is an American
information security Information security is the practice of protecting information by mitigating information risks. It is part of information risk management. It typically involves preventing or reducing the probability of unauthorized or inappropriate access to data ...
company. The company was founded in 2015 with operations in
Washington, D.C. Washington, D.C., formally the District of Columbia and commonly known as Washington or D.C., is the capital city and federal district of the United States. The city is on the Potomac River, across from Virginia, and shares land borders with ...
, and
Europe Europe is a continent located entirely in the Northern Hemisphere and mostly in the Eastern Hemisphere. It is bordered by the Arctic Ocean to the north, the Atlantic Ocean to the west, the Mediterranean Sea to the south, and Asia to the east ...
. The company develops and acquires zero-day exploits from security researchers.


History

Zerodium was launched on July 25, 2015 by the founders of Vupen. The company pays bounties for zero-day exploits. A
zero-day exploit A zero-day (also known as a 0-day) is a vulnerability or security hole in a computer system unknown to its developers or anyone capable of mitigating it. Until the vulnerability is remedied, threat actors can exploit it in a zero-day exploit, or z ...
is a cybersecurity attack that targets security flaws in computer hardware, software or firmware in order to maliciously plant malware, steal data, or damage the program. Bug bounty programs, including Zerodium, pay bounties for knowledge of these security flaws. Zerodium was the first company to release a full pricing chart for zero-days, ranging from $5,000 to $1,500,000 per exploit. The company was reported to have spent between $400,000 to $600,000 per month for vulnerability acquisitions in 2015. In 2016, the company increased its permanent bug bounty for iOS exploits to $1,500,000. In September 2019, Zerodium increased its bounty for Android exploits to $2,500,000, and for the first time the company is paying more for Android exploits than
iOS Ios, Io or Nio (, ; ; locally Nios, Νιός) is a Greek island in the Cyclades group in the Aegean Sea. Ios is a hilly island with cliffs down to the sea on most sides. It is situated halfway between Naxos and Santorini. It is about long an ...
. Payouts for WhatsApp and iMessage have also been increased. The company is now reportedly spending between $1,000,000 to $3,000,000 each month for vulnerability acquisitions. In May 2024, Intelligence Online posted an article titled "France, United States Iconic American vulnerability trader Zerodium to close its doors? " claiming that Zerodium had been absent for quite some time. In January 2025, Zerodium disabled its website and replaced it with a single page containing thei
PGP key


Criticism

Reporters Without Borders Reporters Without Borders (RWB; ; RSF) is an international non-profit and non-governmental organisation, non-governmental organization headquartered in Paris, which focuses on safeguarding the right to freedom of information. It describes its a ...
criticized Zerodium for selling information on exploits used to spy on journalists to foreign governments.


See also

*
Market for zero-day exploits The market for zero-day exploits is commercial activity related to the trafficking of Exploit (computer security), software exploits. Software vulnerabilities and "Exploit (computer security), exploits" are used to get remote access to both stored ...
* Bug bounty programs


References


External links

* {{Official website Computer security companies American companies established in 2015 Computer security exploits Companies based in Washington, D.C. Cyberwarfare