According to data compiled by the Atlas VPN team, Apple pays five times more for exposing a vulnerability than Samsung. Exploits that allow hackers to perform network attacks without user interaction are usually worth the most in bug bounty.
A bug bounty program is a reward offered for discovering and reporting a bug in a software product. AtlvasVPN says Apple pays from $100K to $1 million to researchers who find exploits in their devices. An AtlasVPN report from earlier in the year found that vulnerabilities in Apple products surged by over 450%.
Huawei’s bug bounty program offers payouts from $200 to $223K for found vulnerabilities in their devices. The company gives out rewards for exploits found in their AppGallery, cloud services, or the phones themselves.
Samsung’s bug bounty program rewards researchers between $200 and $200K for qualified exploits. The amount is determined by the severity level, vulnerability report quality, affected scope, and the difficulty of attacks.
Xiaomi bounty payments range from $800 to $13K for found vulnerabilities. OnePlus and Oppo, both owned by BBK Electronics, bug bounty programs can reward researchers with up to $7K and $4K, respectively.