Apple Introduces $2M Bug Bounty for Spyware-Level Exploits

Apple has announced a major overhaul of its bug bounty programme that doubles the top reward to $2 million for exploit chains that can match the sophistication of mercenary spyware attacks.

With bonuses for Lockdown Mode bypasses and vulnerabilities found in beta software, Apple says its total payouts could exceed $5 million. The company claims this represents "the largest payout offered by any bounty program."

The programme now places greater emphasis on complete exploit chains rather than individual vulnerabilities, reflecting the reality that real-world attacks typically chain multiple bugs together. The rewards for remote-entry vectors have also been substantially increased, though categories not commonly seen in real attacks will receive lower payouts.

As part of the overhaul, Apple is introducing "Target Flags," which are inspired by capture-the-flag games. When a researcher successfully exploits a vulnerability, they can capture a specific flag that proves exactly what level of access they achieved, such as code execution or arbitrary read/write capabilities.

These flags can be verified by Apple, so researchers who submit reports using them can receive notification of their bounty award immediately after Apple validates the captured flag. The payment is also issued in an upcoming payment cycle, meaning researchers won't have to wait until Apple releases a software fix, which can take months. Previously, researchers often had to wait for Apple to patch a vulnerability before receiving payment.

The updated programme comes into effect from November 2025. Apple is also expanding categories to include one-click WebKit sandbox escapes worth up to $300,000 and wireless proximity exploits over any radio worth up to $1 million. A complete Gatekeeper bypass on macOS now earns $100,000.

More information on the changes can be found on Apple's Security Research website. Apple says it has paid out over $35 million to more than 800 researchers since launching the public programme in 2020.

This article, "Apple Introduces $2M Bug Bounty for Spyware-Level Exploits", first appeared on MacRumors.com.
