Apple has opened its bug bounty program to all security researchers, offering up to $1.5 million USD to those who find security vulnerabilities. The previously invite-only program scales the cash bounty with the severity of the vulnerability, up to $1 million USD for a “zero-click kernel code execution with persistence and kernel PAC bypass.” An additional $500,000 USD is offered if the vulnerability was previously unknown to Apple or is unique to a specific developer or public beta.
Apple first announced at the Black Hat conference in August that it was opening the program to the public, and that iCloud, iPadOS, macOS, tvOS, and watchOS would be on the bug bounty list.
The iPhone maker’s bug bounty program sees maximum payouts range from $100,000 to $1 million.
Apple has also defined the bounty categories, which include iCloud bugs, device attacks requiring physical access, and network attacks requiring user interaction, among others.
Researchers must submit a detailed description of the issue, with enough detail for Apple to reproduce it.
The top payouts will go to researchers who discover bugs that affect multiple Apple platforms, especially if the issue affects the latest Apple devices and software. Any bug discovered in a beta version will earn the researcher a 50 percent bonus in addition to the standard reward.
Potential payouts by bug category:
- A researcher who can bypass a device’s lock screen can earn between $25,000 and $100,000
- Anyone gaining unauthorized iCloud access could net between $25,000 and $100,000
- Extracting sensitive data from a locked device could be worth between $100,000 and $250,000
The most lucrative bugs for researchers, however, will be those that enable attacks taking over a device without any action on the part of the user; so-called zero-click attacks. The requirements for collecting a bounty in these cases are strict: a full exploit chain must be submitted with the report.
Apple’s rival, tech giant Google, runs a similar bounty scheme that rewards researchers and hackers.