Hack Apple Systems for Up to $2M - Security Bounty Expanded

Apple expands its Security Bounty program this November, raising maximum rewards to $2M for spyware-like vulnerability chains and increasing payouts for one-click and physical attacks to better counter mercenary spyware and state actors.


Apple has dramatically raised the stakes for security researchers: starting this November, the company is expanding its Security Bounty program and lifting reward caps to encourage discoveries that protect users from advanced spyware.

Big payouts for chains that act like spyware

The update targets complex, chained vulnerabilities that can behave like advanced spyware without any user interaction. Apple says these high-risk chains — which allow system-level compromise silently and remotely — will now be eligible for awards up to $2 million. In extraordinary cases, such as bugs found in beta releases or successful bypasses of Lockdown Mode, payouts could top $5 million.

What Apple is changing

  • Maximum award for spyware-like vulnerability chains that require no user interaction: up to $2,000,000.
  • One-click attack rewards raised from $250,000 to $1,000,000.
  • Physical-device attack rewards have been doubled.
  • Combined Safari sandbox escapes with remote code execution: up to $300,000.

Aiming incentives at the highest-risk threats

Ivan Krstic, Apple’s head of security, said the company has paid more than $35 million to over 800 security researchers so far. While multi-million-dollar awards remain rare, Apple has a history of paying substantial sums — previously reaching payouts in the hundreds of thousands and, in some notable cases, much higher.

Apple frames the change as a direct response to a specific pattern: in recent years, real, system-level compromises have most often been the work of mercenary spyware vendors and state-backed actors. By increasing rewards, Apple hopes to steer more elite researchers toward uncovering critical vulnerabilities before they are weaponized.

Why this matters for users and researchers

Higher bounties mean more eyes on the most sensitive parts of Apple’s platforms — kernel protections, sandbox escapes, Lockdown Mode bypasses, and Memory Integrity Enforcement. For users, the upside is stronger, more proactively patched defenses. For researchers, the new scale signals Apple’s willingness to pay top-dollar for high-impact discoveries.

Imagine a single discovery that prevents a stealthy spyware campaign: Apple is effectively saying it will pay accordingly. That kind of incentive could change the economics of vulnerability research, making defensive work more attractive than gray-market or mercenary disclosure.

What to watch next

  • Whether more researchers shift focus from black-market exploit sales to coordinated disclosure.
  • How Apple evaluates and prioritizes reports that qualify for the new top-tier rewards.
  • Any follow-up updates to protections like Lockdown Mode and Memory Integrity Enforcement after major finds.

With these changes, Apple is betting that higher rewards will translate into stronger security for the millions who rely on iPhones, Macs, and iPads — and that encouraging responsible disclosure is the best defense against sophisticated surveillance threats.
