The world of Web3 has given rise to a new breed of cybersecurity experts, known as “white hats,” who are earning millions of dollars by identifying and disclosing security vulnerabilities in decentralized finance (DeFi) protocols. According to Mitchell Amador, co-founder and CEO of bug bounty platform Immunefi, these researchers are outearning traditional cybersecurity professionals, with some taking home as much as $14 million.
In an interview with Cointelegraph, Amador revealed that Immunefi has paid out over $120 million to researchers who have submitted thousands of reports, with 30 of them becoming millionaires. The platform, which protects over $180 billion in total value locked, offers rewards of up to 10% for critical vulnerabilities. Amador noted that these large payouts reflect the high stakes involved, with many protocols having tens or hundreds of millions of dollars at risk.
Related: New modsteal malware is aimed at KRYPTO money exchanges across operating systems
$10 Million Bug Bounty Saves Billions
The largest individual payout for a Web3 white hat was $10 million, which was awarded to a hacker who discovered a critical vulnerability in the Wormhole Crosschain bridge. Amador said that this vulnerability could have resulted in the loss of billions of dollars. Despite this discovery, Wormhole suffered a $321 million exploit on its Solana Bridge in 2022, which was the largest crypto hack of the year.
In February 2023, Web3 infrastructure company Jump Crypto and Oasis.App conducted a “counter-exploit” for the Wormhole protocol, recovering $225 million. Amador revealed that critical vulnerabilities make up the largest rewards, with top researchers earning between $1 million and $14 million, depending on the severity and scope of their findings.
Krypto Hackers Stolen $163 Million in August
According to Cointelegraph, crypto-related hacks and scams resulted in $163 million in losses in August, up from $142 million in July. Despite the increase in losses, the overall number of incidents trended down, with only 16 attacks recorded compared to 20 in June. The majority of the losses came from two large incidents, including a social engineering scam that targeted a bitcoiner and a breach of a Turkish stock exchange.
Amador warned that DeFi protocols that deal with significant total value locked (TVL) and lack strong bounty programs are most often exploited. He also noted that early-stage teams without security measures and complacent established players pose increased risks. As the Web3 ecosystem continues to evolve, the importance of white hats and bug bounty platforms like Immunefi will only continue to grow.
For more information, visit https://cointelegraph.com/news/web3-white-hats-earn-millions-beating-traditional-cybersecurity-salaries?utm_source=rss_feed&utm_medium=rss_tag_blockchain&utm_campaign=rss_partner_inbound
