Apple has doubled its top award for ethical hacking discoveries to $2m, although security researchers could earn even more if they’re able to unlock bonuses, the tech giant has revealed.
Apple said on Friday that it was increasing the award for “exploit chains that can achieve similar goals as sophisticated mercenary spyware attacks” to an “unprecedented” sum.
“Our bonus system, providing additional rewards for Lockdown Mode bypasses and vulnerabilities discovered in beta software, can more than double this reward, with a maximum payout in excess of $5m,” the firm continued.
“We’re also doubling or significantly increasing rewards in many other categories to encourage more intensive research. This includes $100,000 for a complete Gatekeeper bypass, and $1m for broad unauthorized iCloud access, as no successful exploit has been demonstrated to date in either category.”
The firm said it has already paid $35m to more than 800 security researchers since the launch of the Apple Security Bounty program in 2020.
The latest bug bounty announcement can be seen as a response to the growth of commercial spyware activity. Firms like NSO Group and Intellexa produce sophisticated exploits to get their malware onto the devices of their clients’ targets – often dissidents and journalists.
The challenge has become so acute that governments and tech companies last year signed a joint agreement named the “Pall Mall Process” designed to help tackle the proliferation of commercial spyware.
The UK’s National Cyber Security Centre (NCSC) estimates that the commercial cyber intrusion sector doubles every 10 years.
“The only system-level iOS attacks we observe in the wild come from mercenary spyware – extremely sophisticated exploit chains, historically associated with state actors, that cost millions of dollars to develop and are used against a very small number of targeted individuals,” said Apple.
“While Lockdown Mode and Memory Integrity Enforcement make such attacks drastically more expensive and difficult to develop, we recognize that the most advanced adversaries will continue to evolve their techniques.”
More Rewards on Offer
Apple also announced an expansion of other bounty categories, including “one-click WebKit sandbox escapes.” Successful researchers will get payouts of up to $300,000 for these, while those able to produce “wireless proximity exploits over any radio” could get up to $1m.
The firm is also introducing a new way for researchers to objectively demonstrate exploitability in several popular bounty categories. Those who submit reports under the new “Target Flags” initiative could qualify for faster awards, Apple said.
The news comes a few days after a new hacking competition was announced by cloud security company Wiz, Google Cloud, AWS and Microsoft. Zeroday Cloud will debut at Black Hat London this December.