Nov 1, 2023
It’s Cheap to Exploit Software — and That’s a Major Security Problem
Posted by Shubham Ghosh Roy in categories: cybercrime/malcode, mobile phones
How much would it cost to hack your phone? The best guess for an iPhone is between $0 and $65,000 — and that price mainly depends on you. If you skipped a really important security update, the cost is closer to $0.
Say you were up to date. That $65,000 figure is an upper cost of exploiting the median individual — switch to an Android, a Mac, or a PC and it could get a lot lower. Apple has invested enormous resources in hardening the iPhone. The asking price for an individual exploit, rather than as a service, can go as high as $8 million. Compare that to the cost of an exploit of a PDF reader like Adobe Acrobat — notoriously riddled with security vulnerabilities — which according to this TrendMicro research report (PDF) is $250 and up.
Switch from targeting a specific person to targeting any of the thousands of people at a large company and there are myriad ways in. An attacker only needs to find the cheapest one.