Apple has attracted attention by announcing that it has doubled the maximum reward in its "security bug hunting" program to 2 million USD, the highest amount ever paid by the company for a serious vulnerability on the iPhone.
This is not only a historic milestone for Apple but also sets a new record for the entire technology industry, reflecting the company's determination to protect users from increasingly sophisticated cyber security threats.
Beyond the record reward of 2 million USD, Apple said the figure can rise to 5 million USD in some special cases: if a researcher discovers a vulnerability that can disable Lockdown Mode, the most stringent protection layer on iPhone, designed to fight sophisticated attacks from nation-level spyware or organized hacker groups.
Image caption: Apple has doubled the prize this year.
According to Apple, to reach the $2 million reward threshold, the discovered vulnerability must be of a severity equivalent to the sophisticated espionage tools used by "digital mercenary" groups - such as attacks targeting journalists, human rights activists or senior personnel of organizations.
The move shows that Apple is significantly increasing its investment in cybersecurity, and sends a strong message: the company is willing to spend big to keep users' devices safe from increasingly dangerous threats.
Not only did Apple increase the reward to millions of dollars, it also expanded the scope of its Security Bounty Program, adding many new categories to more comprehensively cover potential weaknesses in its ecosystem.
According to the latest announcement, researchers can now receive rewards for discovering vulnerabilities in WebKit – the browser engine that underpins Safari, as well as in wireless communication protocols such as Wi-Fi, Bluetooth or Ultra Wideband. In addition, important operating system security mechanisms such as Gatekeeper – responsible for preventing software of unknown origin – are also on the program's target list.
For example, discovering a vulnerability that allows bypassing Gatekeeper could result in a $100,000 reward, while unauthorized access to iCloud data – Apple's cloud storage platform – could bring a reward of up to $1 million.
In the five years since its launch, Apple's bug bounty program has paid out more than $35 million to more than 800 cybersecurity experts worldwide. This number not only shows the scale of the program, but also reflects the seriousness of Apple's commitment to working with the security research community to strengthen its ecosystem.
To improve efficiency and encourage high-quality reporting, Apple also recently introduced the Target Flags system – a new mechanism that allows researchers to receive rewards faster if they can prove the ability to exploit a vulnerability at the time the report is confirmed.
Target Flags are seen as a major step forward in improving processing and payout speeds, while also promoting detailed, actionable reporting – a key factor in helping Apple quickly patch vulnerabilities before they are exploited in the wild.
With strong financial, technical and process moves, Apple is redefining industry standards in collaborating with security researchers – a strategy that not only protects users but also strengthens its position in the global digital security race.
Source: https://baoquocte.vn/apple-reward-toi-2-trieu-usd-cho-ai-tim-ra-loi-he-thong-330906.html






