The incentives for finding an iPhone vulnerability are now far more lucrative. Apple has increased its bug bounty from $200,000 to $1 million, the highest reward from any major tech company. All researchers are welcome to try their hand.
The top reward will go to those who can hack the iOS kernel “with zero clicks.” Hackers who can find a “network attack requiring no user interaction” are also eligible for $500,000, while a 50% bonus will be granted to those who discover vulnerabilities in pre-released software.
Apple is increasing those rewards in the face of an increasingly profitable private market where hackers sell the same information to governments for vast sums. As Maor Shwartz told Forbes, the cost of a single exploit (a program that uses vulnerabilities typically to take control of a computer or phone) can fetch as much as $1.5 millon.