Apple is just doubled the prizes In your security permission application program – and now pay more than any other Tech company in the world.
Many large companies, such as Microsoft, Google, Meta and Apple, have been so called so -called for years. “Bug Bounty” programs , through which ethical hackers can make money by finding security holes in systems and reporting them directly to the manufacturer. But Apple now changes the rules of the game.
In the latest upgrade of your Apple Security Bounty Programs, a Cupertina company announced that doubles the highest possible reward – from $ 1 to $ 2 million . This amount refers to specially sophisticated attacks that do not require any user interaction, the so -called Zero-Click Exploits .
But the matter does not stop there – if the researcher manages to prove and bypassing Apple’s Lockdown Fashion . The reward can grow up to $ 5 million . Also, the company will pay off a million dollar bonus For a "wide non -authorized approach to ICloud’s; – which, as they say, has never been achieved so far.
In addition to larger rewards, Apple introduces new Vulnerability categories Those so-called Target flags – Tags that accelerate the evaluation of the application and the payment of the award if the specific security criteria are met.
The new ranges of awards that come into force in November 2025:
| The type of attack | The current maximum | Novi maximum |
|---|---|---|
| Zero-Click Chain (no user interaction) | $1.000.000 | $2.000.000 |
| One-Click Chain (one user click) | $250.000 | $1.000.000 |
| Attack near the device (eg Bluetooth/Wi-Fi) | $250.000 | $1.000.000 |
| Attack with a physical approach to the device | $250.000 | $500.000 |
| Escape from App Sandbox / SPTM Bypass | $150.000 | $500.000 |
There are also additional prizes, like $ 100,000 to circumvent Macos Gatekeepera , and those symbolic $ 1,000 for applications for smaller safety failures.
Since launching a program 2020, Apple is paid more than $ 35 million over 800 security researchers around the world. With new rules and higher payments, the goal is to further motivate "white hats" to find holes before they are used by those malicious ones.
