If you can pull off a very specific iPhone hack, Apple has a million dollars for you.
Apple announced a big changes to its bug-bounty program it launched in 2016. The biggest is a new $1 million reward if you find a very specific exploit.
The $1 million will go to security researchers (or group of researchers) that are able to carry out a “zero-click full chain kernel execution attack with persistence,” Techcrunch reports.
If you don’t know what that is, don’t worry. It’s an attack that would result in the hacker getting to the core of Apple’s operating system, iOS, and gaining control of the iPhone in question without any user interaction. If someone (or several someones) are able to pull the hack off and share how they did with Apple, they’ll get $1 million.
The new challenge was presented by Apple during the Black Hat cybersecurity conference being held in Las Vegas this week. Black Hat is currently the world’s leading information security event. Held in Las Vegas, the week starts with four days of technical training. followed by a two-day main conference. The conference ended yesterday on August 8th.
Beyond the new top prize, Apple also announced that it’s extending the bug-bounty program to include not just iOS, but also macOS, tvOS, and watchOS.
In the past, hackers have reportedly refused to alert Apple to security bugs without receiving any kind of bounty. By offering a cash prize for those platforms as well as iPhone, the company is setting itself up to potentially be able to work better with the hackers and security researchers that typically search for and find exploits.
The bug bounty program, which was previously invite-only, is also now available to any researchers that would like to participate, which should widen the number of people looking for those issues. Additionally, Apple will be offering a 50% bonus to any researcher that is able to find an exploit in the beta or developer preview version of the operating system prior to its public release.
That $1 million is a pretty substantial prize. The bounty is the largest reward being offered by a major tech company and is a dramatic increase from the top reward of $200,000 previously offered by Apple for finding exploits in iOS.
Apple’s new bug-bounty programs are expected to become available later this year.
Related Posts
Qualcomm’s Snapdragon 8 Elite Gen 6 Pro may reach 5.0GHz with Samsung heat tech
However, if recent whispers from the tech grapevine are to be believed, Qualcomm is getting ready to smash through that ceiling later this year - and they might be doing it by borrowing a trick from their biggest rival.
Meta is being sued over claims it can read your WhatsApp messages
WhatsApp implemented end-to-end encryption for all communication back in 2016, and it has since been one of the key components of the platform's pitch. The messaging app frequently reassures users that it doesn't have access to the contents of the messages shared on the platform, with a prominent notice within encrypted chats stating "only people in this chat can read, listen to, or share" the messages.
Samsung leak shows a deep feature cut finally going away on the Galaxy S26
Until now, the baseline Galaxy S25 came with 128GB of storage, while the Galaxy S25 Plus and the Galaxy S25 Ultra shipped with 256GB of storage on the base variant. However, doubling the storage on the upcoming Galaxy S26's entry-level trim could be a welcome addition.