Apple Will Pay Hackers $1,000,000 For This Bug Bounty 😳
HTML-код
- Опубликовано: 1 окт 2024
- Support the Shawn Ryan Show for $5 and get the chance to watch the shows AD FREE, with the exception of Shawn's personal reads, before they release!! Additionally, you will get behind the scenes footage from the Shawn Ryan Show. Sign up here: / vigilanceelite
Please leave us a review on Apple/Spotify Podcasts:
Apple - podcasts.apple...
Spotify - open.spotify.c...
#PODCAST #HACKER #SHORTS
Vigilance Elite/Shawn Ryan Links:
Website - www.vigilancee...
Patreon - / vigilanceelite
TikTok - / shawnryanshow
Instagram - / shawnryan762
Thanks for watching everyone. You can watch the full episode with Ryan Montgomery here ruclips.net/video/qjz_07-DvE0/видео.html Additionally if you want to support the Shawn Ryan Show you can join the community. www.patreon.com/VigilanceElite
I ran recruiting for the Bug Bounty Program at Zoom for a couple years. My VP never made million dollar payouts, but it’s certainly a lucrative opportunity for Hackers to be on the good side of the law. In fact, I screened so many folks that had felonies for hacking, yet it didn’t matter if you were good.
You also have the internal/external anomaly assessors typically known as Red Team or Blue Team.
Great interview
btw, I’m also the recruiter that built Napster’s original engineering team, file sharing (music).
With the IPhone can’t you download a app and all you need is the person cell phone number too hack for iPhone too see what they are doing … like screen sharing ?
Ask this guy about the ability to rig elections with computer technology.
Valve
@@Misterscout
2 cryptic
His Steam library must be pretty impressive, then
i had the same thought lmao
Definitely pornhub premium
I thought of amazon.
😂
Amazon or steam, imagine having 130k in credit, they probs offered 100k cash and my guy did the maths and worked out he could make more with the skins he could buy. Maybe.
It was gamestop. They offered him $10.00 in cash or $128,000 in store credit. This happened before the stock ordeal, obviously.
Lol you can literally buy a brand new game just dropped bring it in unopened they offer you $15 it's fucking insane!
Underrated comment
😂😂😂
This needs more likes
HAHAHAHHAH
Fun fact. They offer just over a quarter million dollars to anyone who can find exploits that directly lead to the development of a jailbreak. This is why jailbreaking Apple products had basically come to a crawl. People are reporting their methods to Apple, and they get patched out really quick. Why release a jailbreak when you can receive 250k+ in what for some of these people is relatively easy cash
Pangu is dead last time I had it working was iPhone 6c lol
@@musicmane4146I said nothing about pangu. There’s also a lot of newer devs who made jailbreaks for up to iOS 15.5 iirc. Not all versions, but a large majority
Or just be Nintendo and get a court to sentence you to a $10 million fine from Nintendo.
@@GiuseppeGaetanoSabatelli that makes no sense in relation to anything I’m talking about. Apple is paying these people to not release the exploits immediately. Nintendo is attempting to take down anything emulation and has sued Gary bowser recently for being associated with the people who made the tools and custom firmware that made piracy on the switch easier
@@Syndicate_LS is jailbreaking still alive then? It was part of the reason I got an iPhone because the jailbreaking was a big deal like ten years ago 😂
Gotta be Amazon, that much store credit anywhere else is just basically pointless.
Robin Hood or another investment platform 🤷🏻♂️
@@matthewdenis6899 that's not credit, that's just tax free cash
Ebay. He's smart enough he's going to leave an intentional red herring.
Betting sites, ticket sites, and airplane app could make sense too
@@matthewdenis6899 robin hood is a scam in case you haven't heard.
It was cambells soup. They offered him $128k in chicken noodle soup
Like one entire bedroom devoted to housing cans of crappy " run the chicken through for flavor" soup.
Why
@@meditationdrumartprojectca4835 its obvious, he hacked the soup
Bro pops open a soup can
*hacker voice* I'm in.
Campbell's: *hands him $128k*
*Everyone clapped 👏 *
Thats 129,293 cans of Campbell soup
Except when you submit a bug you spent months finding, they send you an email saying they were already working on it despite the fact that it's a zero-day
That's when you use it to leave a note on tim cooks phone.
@@MrDJAK777lol that's one way to show to show them youre serious 😂
Literally happened to me with PayPal bug bounty
Smart man. $128k credits is not money, therefore not taxable. And very difficult for the IRS to track.
Can you explain how it’s hard to track?
You don’t know what the cash offer was. Yet you have judged he’s a smart man in the deal. 😊
@@JM-ym8vrcash offer would've been 128k given to you wdym?
No reason to track it in a closed system, same as gift cards basically. Very nice tax free paycheck though!
@@MyspacHor911 Because a store credit is not earned income - it's a credit. The IRS *can* find it, but not through the usual means.
You can either report that bug to apple for 1 million or sell it to the NSA for 3 million
classic
Or use it yourself for billions, up to you i guess.
The CIA can monitor any Apple phone. The software runs independently of the OS too.
If the NSA is involved.
Is there a waiver of all taxes included? 😁
I had a uncle that “worked for the nsa” and he would always be like “man I can’t tell you shit kiddo it’s against my job” but I remember before he passed he did start telling me crazy shit and just saying “don’t tell a soul” super cool dude. Getting into someone’s phone or a apple exploit to get into phones, that’s just child’s play for the nsa
damn that’s a lot of OF credit
Bet he has an empty Amazon wishlist
HahshshH😂
Nah man, his wishlist is whatever he put in his cart anytime
Are u slow? Why would he get credit on Amazon when he can use the cash to buy stuff? There’s no gain in that. He prob got bitcoin
@@Foryourinformation218same reason why places sell $100 gift cards for $80. They know you’ll be forced to use the money at their site anyways, so they can offer a more lucrative deal. Would you take 80k cash or 128k in credit?
@@Foryourinformation218it was probably either 130,000$ in store credit or like 70,000$ cash
Bezos coughed up that 128k
My old landlord makes tables for his man cave lol no lie
I thought the same
No way, it was Steam. And now he has every single train DLC for Train Simulator.
@@Sercer25 hahahahhahahahaha
@@Sercer25 nah bro has all the europa euralis dlc
"If i did, i would report it to apple" that smurk at the end says different 😂😂
Yep I’m sure he would sell it to the highest bidder
Don’t think the IR-s taxes platform credits…..well played young man
Exactly
It's classed as "Benefit in Kind" in the U.K...so they'd still want their 25%.
@Snakebloke thats the uk though. They tax everything. Hence the American revolution
He'll be taxed for capital gain.
Yes they do. Any form of income is taxable unless stated exempt and there are no laws stating that the credit is exempt.
Keep in mind, that’s apple’s offer. Black market, probably 10x-25x.
These idiots trying to pretend they know anything about the black market because they did some surface level research on Google 💀
@@octopusdreams welp, if you weren’t already…welcome to a(at least)watchlist for this comment. It’s okay, you’re among friends here.
@@halvorson566 haha
Lol what black market?
Plus risk of jail time
I honestly thought it would be an Airlines type deal at the end. That's a lot of travel for the rest of your life
So let's team up with an apple software engineer. He adds the bug and I find it. We split 50/50.
I don’t think an Apple engineer needs the money 😂
@@saucejohnson9862 not need but want, yes
@@saucejohnson9862 now that I think about it I’m not surprised if western Apple engineers are very well paid
@@saucejohnson9862 I work in big tech and I can assure you that every single engineer I know would jump at the opportunity to make an extra $500k. Sure, some of us get paid a great salary, but the vast majority of us are still living middle/upper-middle class life styles.
@@phytoplankton7003 Devils advocate, I bet most are from India because they won't take the salary that an engineer is worth.
I love how he looked off to the side at the Apple firing squad before he answered 😅
😂😂😂😂
😂😂😂
…they’ll pay you a million dollars.
Have you done that before?
No (looks to the left)…I, uh (begins moving uncomfortably in his chair)…I personally haven’t found any bugs in the new iPhones, but if I did I’d report it to Apple.
Rrrrrriiiiggghht…😉👍
Well, let's be honest...a million is nothing to a company like Apple, especially if it means their products are safeguarded
A 0-day exploit is more valuable being kept and abused than bountied.
Usually bug bounties are graphical glitches or translation issues, sometimes it's about fixing how apps render in certain devices, etc... But you rarely see actual security threats being bountied.
use your brain, a million isn't alot but if a billionaire gave a broke person 1 million its a lot to them
That’s the point…
You could almost certainly get a hell of a lot more by selling that exploit to someone else.
Apple needs to offer this incentive. It might even be too little.
They might just want to utilize those vulnerabilities
So anyway, Amazon fixed a hole.
He keeps looking up to the right with some answers and up to the left with others is he being truthful? (I’ve been watching too many behavioral analysis stuff 😂)
American Airlines. That’s my guess. I’d easily accept $128K in credit for AA over the (probably) $50K cash.
$128,000 Steam credit 😂
Oh please, the entire airline industry is one giant bug masquerading as a feature. That's what has been causing all the random nationwide flight delays lately.
My pops use to fly for AA
Gotta agree, he got airline credit.
@@unbearifiedbear1885 this sent me, good one
128,000 credit for Amazon...
It was obviously onlyfans
@@dano9411 judging by his skin complexion i can see why you said that
@@carbon-based-lifeform9172 you guys are weird
@@dano9411 highly doubtful considering how much time and effort he puts into catching preds.
Obviously
For sure had to be Amazon lol. What other company would you chose credit over cash. Idk though. What’s your guess?
128K for Pornhub? Legend.
Bro got no adverts for free.
Bitcoin, I think
ewe
@@apoozeo1715 Bitcoin isn't a company, dude. 😂
I would totally rake that credit if it was a Darknet market. ;)
And the NSA be like “we’ll pay you 2 million not to reveal the vulnerability.”
Was definitely Amazon.
I emailed McDonald’s explaining how their app could be abused and people could get free meals over and over for free. I was expecting some sort of payment. They sent me a gift card for a free meal 😂
Thats on you bro - you should have told them that you know about an exploit and then negotiate a reward BEFORE sharing the info.
Did it get fixed? If not hook us up.
@@damian597 i was aboit to say the same lol
You were supposed to tell them about an exploit and negotiate compensation then you give the details. If you're good at something, don't do it for free
Fuck, you reported that? I thought they just hooked on to me after I got 5 meals for free over the week 😂 my app stopped launching properly for a day then started charging for meals again. Hungry jacks have fixed their shake n win pick what you want also :( was great while it lasted. Proves you should test your apps before launching them
If I did find it I would be sure to report it to Apple, and won't sell it to the governmenta around the world who will pay me Millions more. 😂😂
"if you are good at something, never do it for free" ~Joker 🃏
Yet he’s the same person that says "eat the rich". Rich people never do something they’re good at for free. I’m serious
I just like this guy. He's honest to the core.
Hah, I feel like we just won't be able to ever catch him lying.
Nah, he's just good at maintaining his front. He mostly works for North Korea, as they are usually the highest bidders.
Pretty clear from his tone that he could get 50 million from someone else for the iPhone bug lol
I can barely write a damn web application. Always admired these guys.
smart guy putting that "disclaimer" in there for Apple with a little giggle👍🏽
Anyone wanna link up, and try to find a bug, and split the earnings?
No lol, the don’t pay the advertised price. Programs now trying to use anything they can to minimize impact, or call it out of scope so they can not pay you or shrink the payout. Best to keep the research to yourself at this point
“If I did, I’d be sure to report it to apple.” Oh ok, gotcha….
He found a bitcoin exploit and got 128k in bitcoin.
This dude has a bunch of V bucks
$128k in credit? I'm betting it was Amazon. If not, then likely a major tech manufacturer.
I feel sorry for anyone that bullied this guy in high school!
Amazon all day, my guess is something to do with those gimmicky buttons that order things for you, they seem like a liability.
I'd guess it's specifically AWS
saying he chose it over cash really does narrow it down 😂
The point wasn't to narrow it down though
@@trapezoid5810 the point is he DID narrow it down
@@trapezoid5810nope, if he outright says the name he's breaching his NDA....he gave just enough of a hint for us to get it though.
Bros face built like a rick and morty character
Dude must really like using AWS!
Someone's got a sweet roblox account
Bro's going to have Amazon prime for the rest of his life 😂💀💀
Shawn Please ask this guy about the dominion election computers.
100%
I watched the whole interview, gotta say, one of the best interviews ive watched had my attention the whole 2 + hours
His onlyfans subscriptions are probably off the chain 😂
Comment section:
50% Amazon.
50% Steam.
Place your bets gentlemen.
Send it to Huawei for 10 million dollars.
Dude I would start a Chinese bidding war honestly. I’d contact huawei, let them know the price is currently 10,000,000, but that I have other potential buyers lined up. Hopefully huawei would cough up more than 10 mill, they have the entire Chinese population under their belt.
Lmaoo
he definitely found something on the new phones
Hahahaha facts
Bro got 5 million vbucks collecting dust
Its worth a lot more than a million to not share the vulnerabilities, and he knows it.
Respect 🏆
My guess is 128k in credit on a CSP. Prob found a bug on GCP or AWS or something. Can't think of any platform where six figures in credit would be useful
Amazon
Gambling website
His $128,000 credit might be PayPal, but wouldn't the "credit" just be considered cash since he could move it to a bank?
Dude has enough credit for Candy Crush power-ups to last a month.
I love this shit Ryan I love the diversity you’re bringing onto your platform. My favorite channel to watch these days. Keep smashing player
The shorts or gold I don’t know how they work on your end, but every time I open RUclips I’ve got more shorts on your channel
Who else thinks the $128,000 reward he won was for a cryto exchange where he was paid in crypto?
That would have been the best play.
no chance cryptos pay $1.2 million easily not 128k cause you can outrightly steal their whole shit.
maybe. Bug bounties are common in crypto. Still doesn't make sense why they offered to pay him cash, usually just crypto is the award.
I love your show brother! keep up the great work! And I assume by now that Sean has a full crew of people reading these comments. So with all politeness, please do convey my appreciation to Sean. TY!👍🙂🙂🙂🙂
That is a damn good idea. Give the white hats a reason to really test your security. If you can stymie them you are probably good against the bad guys.
yes, but the vast majority of these hackers never get paid. its feast or famine in bug bounties, pretty much.
A zero click exploit to access an iPhone would easily be worth billions and an absolute PR disaster for apple. Government orgs around the world would pay big money for that.
Companies take advantage. Even big companies. Steam paid out a bug hunter 17k for a bug he found where he could reload his steam wallet with unlimited cash untraceable . Bug hunters were furious n thought he should have been paid at least 170k. Steam has a bad reputation now with the hacking community . Big corporations all around the world are fucking the good guys over because there are no proper regulations in place. It's easier to be the bad guy....
I remember when trade me first started they had a problem with orders & payments you could just order as many things as you wanted & collect it all for free without payment. The company was liable so paid out all of the transactions from the distributers that didn't get their money for the items. Which wasn't a lot because regular civilians didn't know there was an exploit.
thank you for sharing that.
I feel like he found an Apple vulnerability but part of the $1m deal was to say he never found a vulnerability on an iPhone
Cause they want people to think IOS vulnerabilities don't exist? They get published all of the time, lol
RIP to the hackers that came up front admitting they have created a no click bug into any apple phone!
Apple would probably pay them then offer them a job. Hackers are usually extremely well connected, Apple doesn’t benefit at all if word got out they don’t actually pay.
Especially since 1mill is NOTHING compared to the PR storm + loss of sales + class action lawsuit that could come from a major exploit going public. That could genuinely cost them Billions.
Who is this young man ?
He's slick.
Ryan M. Montgomery olso known as 0day, he's first on tryhackme leaderboards
@@filippodeluca9464 what’s tryhackme leaderboards? I’m so behind on these things.
A little misleading. It needs to be a zero click that allows for kernel level execution AND allow persistence and kernel PAC bypass.
Tell me it was Amazon with out naming them directly.
Laughs nervously. You know he does that for free.
imagine facing this guy on call of duty
In the new iPhones hahaha that means homie was busting the old ones back in the day. Glad there’s incentives to keep these intelligent people working for the good side. Dude could do a lot of damage
who exactly are the good side ? im not sure anymore
Calling it now the company was Amazon
Wonder how much apple paid him to say "nothing on the new iphones"
Protect this man at all costs!
Humble, high integrity by nature and all in for the greater good.
@@JetofOZ-vs5rr well, he's pretty clear about the fact he's making money using his skills.
Imagine having that talent, see that you can do great things with it AND a decent income... And then go: 'MEH... Not gonna use this to provide for myself and others, and do some good".
Definitely got the doordash exploit fixed
i hate those zero click things, everyone used to think they were so funny sending you “effective power”
They pay you $1 000 000 and then execute their entire engineering squad
Who will implement the fix ?
College undergrad
The people like this man that looks the lease harmless are the ones you should fear.
Why
This man hacks pedophiles on the dark web and gets them arrested...I'd say he's a pretty decent human being....have you watched his 2.5 hrs interview on this channel? If you haven't I highly suggest you do, he's saving children by what he's doing
Nah combine this dude with rainbolt and the best fbi investigator and you have yourself the most intelligent man
My best guess is a car company. I know they use a lot of hackers to prevent bugs, especially with everything moving towards digital. 128k would get you a lifetime supply of cars or some very very nice ones. Makes the most sense to me…
Carvanna? Lol I was thinking maybe eBay or amazon
That’d be sweet
You must be talking lease prices because 128 grand can't even buy you 2 trucks nowadays.
@@MikeWhite-zs2st could buy you like 5 Hondas and those things last for 20 years lol
My boi chose loyalty points over cash. What a trooper.
There used to be a cool way to get around samsung phones being locked by owner google acc. You cant get rid of it using factory reset but you could download something to remove the lock using internet.
Normally you cant use the internet on the phone because its locked by google account but you could use next to speach disablity settings to get their privacy policy. They dont keep it on the device so it opens up in chrome, then you use that to download this thing but i forgot what it was called.
He definitely did find zero-click Apple exploits but he knows damn well, nation state actors pay alot more then a million for those 😂😂😂
Finding any zero-click exploit of significance is like a one-in-a-million thing, so no. Most software never even has any discovered in their entire history.
no he didn't. He's not Neo.
@@MsHojat its called a joke nerd, look it up.
I wonder if he can fix my credit that Toyota of Tampa Bay fucked up for not paying off my trade in.
well apple paying one mill for that level of exploit would be like me paying 1 cent for someone finding the starting codes for my nuclear arsenal. Kinda cheap for the damage they can make.
You'll never need more than 640k but here's 128k to keep your mouth shut.
- Microsoft
Lets be honest, Apple paided him to say the phone was fine😂😂
*paid not paided
payded
0 click bounty... stupidest most apple thing ever, its the same thing as if you want to break in to a car and cant touch it 😂😂😂😂😂
Be worth a lot more to an unscrupulous government.. you probably wouldn’t live long enough to spend it though.
You cant but... if you identify as having multiple personalities.... James Jimmy or Jackson will have no problems filling you in! 😂 Wasnt the personality that identifies aa Jason..... 😅 He signed that NDA. This is James. WUDDUP.
Not even respecting my pronoun. Respect my current identity. 😂😂😂
The average Gen Z computer scientist in the next decade:
Can anybody suggest help for my friend?
She has memory issues has been diagnosed with Alzheimer’s, and even though she’s pretty lucid on s daily based. She comes from a generation where people, rob corporations, not so much the average citizen.
She’s been taken by scammers and has had her bank account completely wiped out.
She is now facing housing crisis that I wish I could help her with, but I’m unable to because I’m on disability myself.
If anybody can help by way of financially, helping her with her mortgage payments to get them up-to-date, I would be incredibly grateful.
It’s heartbreaking to see somebody who has worked. Their whole lives so hard only defined after two phone calls. Everything is gone.
The banking industry has not done much to help.
She just needs her sense of safety in her home back
$128,000 in credit ON the platform INSTEAD of cash. He thought that was a better option. Could it have been Amazon? Hmm I guess it could have been a lot of places the more I think about it. I wonder
If someone could successfully hack or break into a Iphone, Apple's million dollar reward would be like the change in their couch cushions compared to the kind of numbers that corporate/political fixers & lawyers would be throwing at them to duplicate that process on behalf of their "clients"... 🤣😂🤷♂️
I hate apple, but i cant never say they are not secure.
I work in IT, and I had someone come to be and ask if I can hack a locked iPhone. Dude, dedicated hackers can’t do it what makes you think I can? 😂
I know I'm high, but this feels like psyops so hard lmao like, someone randomly telling you there's a bounty you should come forward and collect if you're an amazing cyber hacker??
This is definitely a government commercial to recruit for cyber security. Lmao 😂
It’s called a zero day not a zero click 🤣 A zero click refers to a RAT in which dosent require the victim to click on a link or image to gain access to their device. For example the popular rat used by governments named Pegasus is a zero click. If this was true to use Pegasus is 25k per victim. If Apple paid you 1 million each time it would be a money machine 💀
Apple/microsoft/google....🍿 but they dont always pay out accordingly.....food for thought when posting 0days that you do the work on and can put a price on in the open market for tuns more than the companies with bug programs....
Luca todesco was a goat between 2010-2018 bro I remember the days of jail breaking. Apple cracked down by bug bounties and I don’t blame them or him. Bug bounties encourage people. But damn was it a great time.