For context (that of course is buried far from the title), Kaspersky is a Russian company and Apple, being an American one, is subject to the embargo and sanction list of the USA:<p>> While Kaspersky is a multi-national company, it was founded and headquartered in Russia, a country the United States has heavily sanctioned due to the war in Ukraine. This could severely restrict financial transactions between U.S. companies and those in the region.<p>> Additionally, per Apple Security Bounty’s terms and conditions, “Apple Security Bounty awards may not be paid to you if you are in any U.S. embargoed countries or on the U.S. Treasury Department’s list of Specially Designated Nationals, the U.S. Department of Commerce Denied Person’s List or Entity List, or any other restricted party lists.”
I've always felt sorry for Kaspersky. The leadership seems to have put together a company that's about as ethical, in culture and in the general sweep of its actions, as you can ever find in the industry. Their products tend to be in the upper tier in terms of delivering what they promise. They try to behave like "good citizens".<p>But the company constantly gets squeezed between trying to fight obnoxious demands from the Russian government (including, I suspect, by not expanding into businesses where those demands would be un-resistable), and trying to fight suspicion from everybody else.
Apple’s excuse is poppycock. 10s of thousands of developers in the US use Jetbrains products in the US and pay for them routinely with their debit cards on subscription. Jetbrains is located in St Petersburg.<p>They should be sued, and also given that such sophisticated attacks are usually the domain of state sponsors, if they dont pay they can be assured that the next one wont be reported to them.<p>..or maybe thats the plan.