Apple is raising the stakes in cybersecurity. The company has announced that it will pay up to $2 million to anyone who can successfully hack an iPhone — the highest reward ever offered under its bug bounty program.
This massive incentive is part of Apple’s broader effort to combat sophisticated spyware attacks and protect iPhone users from increasingly advanced cyber threats.
What makes this reward special
The $2 million prize targets “sophisticated mercenary spyware attacks,” according to Apple. These are highly advanced exploits capable of compromising devices without any user interaction — similar to the Pegasus spyware developed by Israel’s NSO Group.
In comparison, most major tech companies offer far smaller payouts for similar discoveries, placing Apple’s initiative among the largest cybersecurity rewards in the world.
Apple’s bug bounty program has evolved
Apple’s bug bounty program, launched several years ago, has already paid out more than $35 million to ethical hackers and researchers worldwide. Over time, the company has expanded eligibility to cover new categories of vulnerabilities, including iCloud exploits, watchOS, and wireless proximity attacks.
Researchers who identify security flaws in critical iPhone systems can now earn up to $2 million, while smaller discoveries can still fetch significant sums.
Apple says the expansion will help attract more experts and strengthen user trust as it faces growing threats from both independent hackers and state-sponsored groups.
Battle against advanced spyware
Spyware has evolved to the point where it can infect an iPhone with no user interaction, often through zero-day exploits. The NSO Group’s Pegasus software is a notable example, known for infiltrating iPhones through simple text messages and silently accessing calls, messages, and photos.
Apple’s latest bounty expansion is a direct response to such threats. The company even sued NSO Group in 2021, accusing it of targeting Apple users through unauthorized surveillance tools.
Craig Federighi, Apple’s Senior Vice President of Software Engineering, said the move is about holding spyware developers accountable and protecting users from invisible digital intrusions.
Apple’s initiative sends a strong message — it’s not waiting for vulnerabilities to be exploited before taking action. By rewarding ethical hackers and expanding its security categories, Apple is effectively turning potential threats into opportunities for protection.
