Apple increases the maximum reward for jailbreaking iPhone to $1 million

Brother


In 2016, Apple announced at the Black Hat conference the launch of its own vulnerability bounty program. Initially, the program covered only iOS, and only a select few researchers could participate in it.

Apple again spoke at Black Hat this year and announced that the company is expanding its bug bounty program. Now, for bugs in the iPhone, you can get up to a million dollars, and by the end of this year, researchers will be able to look for problems in macOS, watchOS and tvOS.

The extended bug bounty program will be open to everyone, and the size of the rewards, as usual, will vary depending on the severity of the vulnerabilities and the potential damage they can cause.

Vulnerability rewards have now increased significantly. For example, Apple is currently offering researchers up to $200,000 for vulnerabilities that can give an attacker full control over an iOS device (we are talking about remote attacks that do not require user interaction and allow code to be executed at the iOS kernel level).

Starting in autumn 2019, the reward for such bugs will be increased to one million US dollars. In addition, the offer also covers similar issues on macOS.

Let me remind you that vulnerabilities in Apple operating systems have long been considered among the most expensive in this market. For example, Zerodium offered a million dollars for iOS exploits back in 2015.

The rewards for other types of vulnerabilities have also been increased, and now researchers can earn from $100,000 to $500,000 on various bugs. In addition, Apple is offering a 50% bonus for vulnerabilities found in pre-release builds. Thus, the company hopes to prevent dangerous bugs from getting into the release, where they can lead to attacks on users, and where fixing them can take many weeks.


Black Hat also confirmed information released by Forbes earlier this week. The publication reported then that Apple will soon begin to provide select security professionals with special iPhones for testing that are easier to crack. These devices have most of their security features disabled, and Apple engineers use them to troubleshoot issues (even before final prototypes are approved and devices are sent to mass production). Previously, such devices often ended up on the black market, where they were sold for a lot of money, and sometimes ended up in the hands of vulnerability brokers or 0-day sellers.
