Friday, November 1, 2024
HomeAppleApple to Pay Up to $1 Million For Hackers Who Can Gain...

Apple to Pay Up to $1 Million For Hackers Who Can Gain Complete Control Over iPhone

Published on

Malware protection

Apple expands its bug bounty program to cover all operating systems that include macOS, watchOS, tvOS, iPadOS, and iCloud along with the iOS bug bounty program.

The tech giant has confirmed the expansion at Black Hat conference held in Las Vegas. Previously Apple has limited the bug bounty program only to iOS and limited researchers only can participate.

Apple Security Bounty

Now the Apple bug bounty program is open for all researchers and the company has increased payouts from $200,000 to $1 million.

The researchers who discover critical vulnerabilities such as zero-click full chain kernel code execution attack will get $1 million payouts and for other vulnerabilities, the rewards will be lesser. Here are the complete payout details.

- Advertisement - SIEM as a Service
Apple Security Payout Details

Apple Special Phone

Ivan Krstić, Head of Apple Security Engineering and Architecture made the announcement, he also added that the Apple special phone will be available for qualified researchers starting from next year.

These special phones are a step below the rooted devices, that lets researchers to inspect memory for vulnerabilities and to see what happens at the code level. This program was reported by Forbes earlier.

Also, the researchers who found vulnerabilities in pre-release builds are eligible to get an additional 50% bonus at the top of the category vulnerability they discover.

“This is an unprecedented fully Apple supported iOS security research platform,” Krstić said at the conference. “We want to attract exceptional researchers who have been focused on other platforms,” he added.

It was initially launched by Apple in 2016 and the company includes the only iOS as a part of the program, several researchers complained Apple failing to include other operating systems in the program, finally, the announcement came now.

The massive expansion of the Apple’s bug bounty program welcomed by bug bounty hunters and security researchers, Wardle who found many critical vulnerabilities in Apple products said that “Sure this is a win for Apple, but ultimately this a huge win for Apple’s end users.”

Sponsored:  â€“ Manage all the Endpoint networks from a single Console.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity course online to keep yourself updated.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

LightSpy iOS Malware Enhanced with 28 New Destructive Plugins

The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS...

ATPC Cyber Forum to Focus on Next Generation Cybersecurity and Artificial Intelligence Issues

White House National Cyber Director, CEOs, Key Financial Services Companies, Congressional and Executive Branch...

New PySilon RAT Abusing Discord Platform to Maintain Persistence

Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan...

Konni APT Hackers Attacking Organizations with New Spear-Phishing Tactics

The notorious Konni Advanced Persistent Threat (APT) group has intensified its cyber assault on...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

LightSpy iOS Malware Enhanced with 28 New Destructive Plugins

The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS...

New PySilon RAT Abusing Discord Platform to Maintain Persistence

Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan...

Konni APT Hackers Attacking Organizations with New Spear-Phishing Tactics

The notorious Konni Advanced Persistent Threat (APT) group has intensified its cyber assault on...