A group of five hackers, Sam Curry, Brett Buerhaus, Ben Sadeghipour, Samuel Erb, and Tanner Barnes, were trying for around 3 months to hack into Apple system or to find vulnerabilities in Apple systems.
They discovered around 55 vulnerabilities some of which were little and some of which were critical. They knew about the “Bug Bounty Program” by Apple, where one can be rewarded by finding security flaws or vulnerabilities in Apple services.
This group of hackers received a total of four payments from Apple under the Security Bounty Program on October 4, 2020, which totals $51,500 USD.
$5,000 in this payment was for disclosing the name of iCloud users, for finding IDOR vulnerabilities the bounty was of $6,000, and $6,500 was for finding the way to access internal corporate environments. The most huge payment was $34,000 for discovering memory leaks in the system containing the data of customers.
One of the group members mentioned:-
Since no-one really knew much about their bug bounty program, we were pretty much going into unchartered territory with such a large time investment. Apple has had an interesting history working with security researchers, but it appears that their vulnerability disclosure program is a massive step in the right direction to working with hackers in securing assets and allowing those interested to find and report vulnerabilities.”
Apple is one of the companies paying close attention to making its services and system as much secure as possible. This opens doors for hackers who can find security flaws in Apple services and can receive bounty from Apple.
One of the members of this group of hackers, Sam Curry has also uploaded the full report on his own blog, you can check out it by clicking here:- https://samcurry.net/hacking-apple/.
The source of this news is:- Macrumors.
Related articles:-