Hack Apple And Earn 1 Million Dollars

Apple Bug Bounty Program
  • Apple Invited Hackers for Bug Bounty program

  • Earn up to 1 Million Dollars.

  • Open for all CyberSecurity researchers

Previously, the Apple Bug Bounty Program was open only to selected security researchers; now it is open to all.

Eligibility to Hack

To be eligible for an Apple Security Bounty, the issue must occur on the latest publicly available versions of iOS, iPadOS, macOS, tvOS, or watchOS with a standard configuration and, where relevant, on the latest publicly available hardware.

These eligibility rules are meant to protect customers until an update is available, ensure Apple can quickly verify reports and create necessary updates, and properly reward those doing original research. Researchers must:

  • Be the first party to report the issue to Apple Product Security.
  • Provide a clear report, which includes a working exploit (detailed below).
  • Not disclose the issue publicly before Apple releases the security advisory for the report. (Generally, the advisory is released along with the associated update to resolve the issue).

Issues that are unknown to Apple and are unique to designated developer betas and public betas, including regressions, can result in a 50% bonus payment. Qualifying issues include:

  • Security issues introduced in certain designated developer beta or public beta releases, as noted on this page when available. Not all developer or public betas are eligible for this additional bonus.
  • Regressions of previously resolved issues, including those with published advisories, that have been reintroduced in a developer beta or public beta release, as noted on this page when available.

Payout Offers

Unauthorized iCloud Account Access

  • $25,000 for Limited unauthorized control of an iCloud account.
  • $100,000 for Broad unauthorized control of an iCloud account.

Physical Access to Device: Lock Screen Bypass

  • $25,000 for Access to a small amount of sensitive data from the lock screen (but not including a list of installed apps or the layout of the home screen).
  • $50,000 for Partial access to sensitive data from the lock screen.
  • $100,000 for Broad access to sensitive data from the lock screen.

Physical Access to Device: User Data Extraction

  • $100,000 for Partial extraction of sensitive data from the locked device after first unlock.
  • $250,000 for Broad extraction of sensitive data from the locked device after first unlock.

User-Installed App: Unauthorized Access to Sensitive Data

  • $25,000 for App access to a small amount of sensitive data normally protected by a TCC prompt.
  • $50,000 for Partial app access to sensitive data normally protected by a TCC prompt.
  • $100,000 for Broad app access to sensitive data normally protected by a TCC prompt or the platform sandbox.

User-Installed App: Kernel Code Execution

  • $100,000 for Kernel code execution reachable from an app.
  • $150,000 for Kernel code execution reachable from an app, including PPL bypass or kernel PAC bypass.

User-Installed App: CPU Side-Channel Attack

  • $250,000 for CPU side-channel attack allowing any sensitive data to be leaked from other processes or higher privilege levels.

Network Attack with User Interaction: One-Click Unauthorized Access to Sensitive Data

  • $75,000 for One-click remote partial access to sensitive data.
  • $150,000 for One-click remote broad access to sensitive data.

Network Attack with User Interaction: One-Click Kernel Code Execution

  • $150,000 for One-click remote kernel code execution.
  • $250,000 for One-click remote kernel code execution, including PPL bypass or kernel PAC bypass.

Network Attack without User Interaction: Zero-Click Radio to Kernel with Physical Proximity

  • $50,000 for Zero-click code execution on a radio (e.g. baseband, Bluetooth or Wi-Fi) with only physical proximity, with no escalation to kernel.
  • $200,000 for Zero-click partial access to sensitive data, with only physical proximity.
  • $250,000 for Zero-click kernel code execution, with only physical proximity.

Network Attack without User Interaction: Zero-Click Unauthorized Access to Sensitive Data

  • $100,000 for Zero-click attack that can turn on and collect information from a sensor (e.g., camera, microphone, or GPS).
  • $250,000 for Zero-click partial access to sensitive data, without physical proximity.
  • $500,000 for Zero-click broad access to sensitive data.

Network Attack without User Interaction: Zero-Click Kernel Code Execution with Persistence and Kernel PAC Bypass

  • $1,000,000 for Zero-click remote chain with full kernel execution and persistence, including kernel PAC bypass, on latest shipping hardware.

How to Report an Apple Vulnerability?

Once you have found a vulnerability, send the report by email to [email protected]. Whenever possible, encrypt all communications with the Apple Product Security PGP Key. Include all relevant videos, crash logs, and system diagnosis reports in your email.
