WhatsApp Hackers Offered $1 Million For New 0-Click Exploit

Meta is no stranger to cybersecurity issues; like all major technology platforms, it is in the crosshairs of those who would exploit the brand for harm and criminal profit. So we are used to cybercriminals attempting to steal Facebook passwords, and others targeting WhatsApp users. Earlier this year, I reported how some WhatsApp users were under attack from hackers employing a “sophisticated spyware hack attack requiring no user interaction.” Such zero-click exploits are, thankfully, as rare as they are critically dangerous. This is why Meta has just offered elite hackers $1 million for a new zero-click attack. Here’s what you need to know, and why this is actually a very good thing.

ForbesGmail’s New Password Warning — Update Accounts Now As Attacks SurgeBy Davey Winder

The $1 Million WhatsApp Zero-Click Hack Explained

Twice every year, some of the best hackers on the planet get together to compete in a totally legal event called Pwn2Own and organized by Trend Micro’s Zero Day Initiative. In May, the first part of the competitive hacking frenzy saw the teams that successfully hacked everything from Windows 11 to Mozilla Firefox earn a total prize pool that exceeded a million dollars.

Competing against each other to exploit previously unknown vulnerabilities, so-called zero-days, against the clock and against targets submitted by vendors, these hackers can find security issues that others cannot. And that’s the point: the vulnerability, and the exploit for it, are handed over to the vendor which then has 90 days to issue a patch before any details are made public. It’s a security win-win, and a good payday for the unsung hacking heroes.

Between October 21-24, in Cork, Ireland, the second Pwn2Own contest will take place. One of the co-sponsors is Meta, and ZDI, along with the social media and messaging giant, is offering a staggering $1 million for a single exploit. “$1,000,000 for a 0-click WhatsApp bug that leads to code execution,” to be precise, according to the official announcement. But that’s just the headline act as far as the WhatsApp hackers are concerned, big money rewards are also on offer for other exploits, adding more than another million to the prize pot.

ForbesDo Not Reset Your Password — FBI Issues Critical New WarningBy Davey Winder