Apple’s previously private bug-hunting club has been opened up to all security researchers, who now have a chance to earn big bucks for discovering flaws in Apple operating systems.
The Apple Security Bounty information page outlines the program’s rules and rewards, revealing that maximum payouts range from $100,000 to $1 million.
The most lucrative $1 million reward requires a sophisticated network hack without any action on the part of the user – also known as zero click attacks.
This bounty requires the hacker to penetrate the system all the way to the kernel. The rules for collecting the bounty are also very strict and require the submission of functional exploits for the issues being reported.
In order to be eligible for the bounty, the hack must occur on the latest publicly available versions of iOS, iPadOS, macOS, tvOS, or watchOS.
Apple’s bounty program was previously available by invitation only, and the bounties went up to $200,000. Now the company appears to be following in Google’s footsteps with a similar bounty scheme.