Input
Technology
J. Fergus

A group of benevolent hackers exposed 55 vulnerabilities at Apple

In a blog post last week, Sam Curry detailed how he and four others hacked Apple over the course of three months. The team found 55 vulnerabilities, 11 of which were deemed critical. As the team notified the company, Apple reportedly resolved the issues within a maximum of two business days and, in some instances, in as little as a few hours. As of Tuesday, most of the vulnerabilities have been addressed and the team has been compensated $288,000 for their findings.

Hacking Apple —

Curry, along with Brett Buerhaus, Ben Sadeghipour, Samuel Erb and Tanner Barnes, turned their hacking efforts to the Apple bug bounty program between July 6 and October 6. They undertook the task in response to a tweet about the program offering $100,000 for reports on issues that could bring harm to Apple’s users.

In that time, they found dozens of vulnerabilities — 11 critical, 29 high-severity, 13 medium-severity, and two low-severity issues. Two of the most egregious problems exposed users’ iCloud accounts and allowed hackers to gain administrative control of the Apple Distinguished Educator (ADE) forum.

By exploiting iCloud and Apple Mail’s integration, the hackers could send emails with characters that granted access to the receiver’s iCloud as soon as the message was opened. This wormable vulnerability applied to users with Mac.com or iCloud.com addresses, but could easily spread to multiple users from there.
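The account-takeover path described above is the classic shape of stored cross-site scripting in webmail: the client renders attacker-supplied HTML in the victim's own session, so anything that runs in that page can act as the victim. The usual mitigation is to render mail only after passing it through an allowlist sanitizer. The following is an added illustration of that technique, not code from Apple or from Curry's team; the tag and attribute allowlists and the sample message are constructed for the example, and a production mailer would use a maintained library rather than this minimal parser.

```python
"""Allowlist HTML sanitizer for rendering untrusted e-mail (added example)."""
from html import escape
from html.parser import HTMLParser

# Assumed policy: only simple formatting survives; everything else is dropped.
ALLOWED_TAGS = {"p", "br", "b", "i", "u", "em", "strong", "a", "ul", "ol", "li", "div", "span"}
ALLOWED_ATTRS = {"a": {"href"}}          # no other tag keeps any attribute
VOID_TAGS = {"br"}
DROP_WITH_CONTENT = {"script", "style", "iframe", "object", "embed"}
SAFE_URL_SCHEMES = ("http:", "https:", "mailto:")


def _safe_url(value):
    """Accept only absolute http(s)/mailto links; strip whitespace and control
    characters first so that obfuscations such as 'java\\tscript:' are caught."""
    if value is None:
        return False
    cleaned = "".join(ch for ch in value if ch.isprintable() and not ch.isspace()).lower()
    return cleaned.startswith(SAFE_URL_SCHEMES)


class EmailSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []
        self.open_tags = []     # emitted non-void tags, so output stays balanced
        self.skip_depth = 0     # >0 while inside a script/style-like element

    def handle_starttag(self, tag, attrs):
        if tag in DROP_WITH_CONTENT:
            self.skip_depth += 1            # drop the element and its body
            return
        if self.skip_depth or tag not in ALLOWED_TAGS:
            return                          # drop the tag, keep any inner text
        safe = []
        for name, value in attrs:
            if name.startswith("on") or name not in ALLOWED_ATTRS.get(tag, set()):
                continue                    # event handlers and unknown attrs go
            if name == "href" and not _safe_url(value):
                continue                    # javascript:/data: links go
            safe.append(f' {name}="{escape(value or "", quote=True)}"')
        self.out.append(f"<{tag}{''.join(safe)}>")
        if tag not in VOID_TAGS:
            self.open_tags.append(tag)

    def handle_endtag(self, tag):
        if tag in DROP_WITH_CONTENT:
            if self.skip_depth:
                self.skip_depth -= 1
            return
        if self.skip_depth or tag not in self.open_tags:
            return
        while self.open_tags:               # close intervening unclosed tags
            t = self.open_tags.pop()
            self.out.append(f"</{t}>")
            if t == tag:
                break

    def handle_data(self, data):
        if not self.skip_depth:
            self.out.append(escape(data, quote=False))  # text never becomes markup


def sanitize_email_html(html):
    """Return a rendering-safe subset of the given HTML message body."""
    parser = EmailSanitizer()
    parser.feed(html)
    parser.close()
    while parser.open_tags:                 # balance anything left open
        parser.out.append(f"</{parser.open_tags.pop()}>")
    return "".join(parser.out)


# Constructed sample message mixing legitimate formatting with hostile markup.
SAMPLE_EMAIL = (
    '<p>Hi <b>team</b>,</p>'
    '<script>alert(1)</script>'
    '<img src=x onerror="alert(1)">'
    '<a href="javascript:alert(1)">click</a> '
    '<a href="https://example.com/report">report</a>'
)

if __name__ == "__main__":
    print(sanitize_email_html(SAMPLE_EMAIL))
```

The design choice that matters is the direction of the policy: anything not explicitly allowed is removed, so a new HTML feature or an unexpected attribute fails closed instead of slipping through. Escaping text nodes on the way out also covers entity-encoded markup that the parser decodes.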

For the ADE forum, they took advantage of a default password in order to brute-force the creation of an account with administrative privileges. In addition to code execution, they also had access to users' personal information, including their full names and employers.

A surprising payday —

When the team shared their findings with Apple, they received $51,500 for reports on four vulnerabilities, according to Ars Technica. Once Apple started digging deeper into the list, however, Curry was notified of an additional $237,000 for 28 other vulnerabilities. It’s estimated that the team will ultimately receive about half a million dollars when all of the reports are assessed. That's still good value for Apple when you consider the potential harm that those looking to exploit those vulnerabilities could have caused.
