- Aug 17, 2017
- 1,609
- Content source
- https://therecord.media/kaspersky-apple-bug-bounty-declined
Apple declined to issue a bug bounty to the Russian cybersecurity company Kaspersky Lab after it disclosed four zero-day vulnerabilities in iPhone software that were allegedly used to spy on Kaspersky employees as well as Russian diplomats.
A spokesperson for Kaspersky Lab told Recorded Future News that the company’s research team considered their work “eligible for Bug Bounty rewards from Apple. However, when asked about it, we received a decline from the Apple Security team referring to the dedicated policy.”
Apple did not provide a comment when contacted by Recorded Future News. Bug bounties are a common way for companies to encourage researchers to disclose vulnerabilities to them instead of monetizing them by selling them to malicious actors that might exploit them.
Apple refused to pay bug bounty to Russian cybersecurity firm Kaspersky Lab
Kaspersky Lab disclosed four zero-day vulnerabilities in iPhone software last year that were allegedly leveraged in a cyber-espionage campaign. The company said Apple declined to pay a reward.
therecord.media