Find this one bug and Apple will pay you more than Rs 17 crore

Apple is raising the stakes in cybersecurity with its biggest-ever bug bounty reward — up to $2 million (approximately ₹17.7 crore) — for anyone who can discover a critical vulnerability capable of executing a “zero-click hack”. The initiative is part of an expanded bug bounty programme designed to strengthen the security of Apple’s devices and ecosystem.

The new reward tier focuses on exploit chains that can mimic the behaviour of sophisticated spyware, capable of compromising devices without any user interaction. Apple has also introduced similar top rewards for vulnerabilities that can bypass its Lockdown Mode, a high-security feature designed to protect users at risk of targeted cyberattacks.

For bugs found in beta versions of Apple’s software, the company has set a top payout of $1.5 million, with the possibility of additional bonuses for specific categories. The revised bounty framework, which takes effect in November 2025, will include an expanded list of reward categories and detailed eligibility criteria published on the Apple Security Research website.

According to Apple, this represents the largest payout in the tech industry’s history for a single vulnerability. “This is an unprecedented amount in the industry and the largest payout offered by any bounty programme we’re aware of,” the company said. Including bonuses for Lockdown Mode bypasses and beta software issues, total rewards could exceed $5 million.

Lockdown Mode, first launched in 2022, provides an extra layer of defence for users such as journalists, activists, and government officials who may be targets of advanced cyber espionage. Apple said offering targeted rewards for breaking its protections helps identify potential loopholes before they can be exploited by attackers.

Since opening its public bug bounty in 2022, Apple has paid over $35 million (₹300 crore) to more than 800 researchers worldwide, with some individuals receiving as much as $500,000 for their discoveries. The company stated that this initiative demonstrates its ongoing commitment to building a more secure digital environment and rewarding researchers who help prevent high-risk attacks.

Apple’s latest expansion signals a major step in its ongoing efforts to outpace emerging cyber threats and ensure that even its most advanced protections — including Lockdown Mode — remain resilient against the world’s most sophisticated hackers.