Tor Browser Million Dollar Bug Bounty (Expired)

Tor Browser Bounty


Dec. 1, 2017 - ZERODIUM's Tor Browser Bounty has now expired. ZERODIUM is still accepting/acquiring new Tor Browser exploits through its standard zero-day acquisition program.

Sep. 13, 2017 - ZERODIUM, the premium zero-day acquisition platform, announces and hosts a Tor Browser Zero-Day Bounty. ZERODIUM will pay a total of one million U.S. dollars ($1,000,000) in rewards to acquire zero-day exploits for Tor Browser on Tails Linux and Windows. The bounty is open until November 30th, 2017 at 6:00pm EDT, and may be terminated prior to its expiration if the total payout to researchers reaches one million U.S. dollars ($1,000,000).

With the increasing number (and effectiveness) of exploit mitigations on modern systems, exploiting browser vulnerabilities is becoming harder every day. Still, motivated researchers are always able to develop new browser exploits despite the complexity of the task, thanks to their skills and a bit of help from scripting languages such as JavaScript. Today, ZERODIUM sets the bar even higher with a new technical challenge: develop a fully functional zero-day exploit for Tor Browser with JavaScript BLOCKED! Exploits for Tor Browser with JavaScript allowed are also accepted/eligible but have lower payouts (see below).


Rules and Payouts
| Software / OS | JavaScript Blocked (Security Settings: HIGH), RCE+LPE to Root/SYSTEM | JavaScript Blocked (Security Settings: HIGH), RCE Only (No LPE) | JavaScript Allowed (Default) (Security Settings: Low), RCE+LPE to Root/SYSTEM | JavaScript Allowed (Default) (Security Settings: Low), RCE Only (No LPE) |
|---|---|---|---|---|
| Tor Browser on Tails 3.x (64bit) AND Windows 10 RS3/RS2 (64bit) | $250,000 | $185,000 | $125,000 | $85,000 |
| Tor Browser on Tails 3.x (64bit) OR Windows 10 RS3/RS2 (64bit) | $200,000 | $175,000 | $100,000 | $75,000 |


Submissions / Acquisitions

For inquiries and/or submissions, please contact us using our submission form.

ZERODIUM reserves the right to determine whether or not a submission is valid. Payment of any bounty by ZERODIUM to a researcher (individual or team) constitutes a purchase of the intellectual property rights of the submitted research, exploit, and all related information.

For more information about ZERODIUM's premium exploit acquisition program, please check our program section.