Crypto security experts raking in $430K salaries amid 2022's hacking spike

Published at: Aug. 23, 2022

The rise of crypto hacks over 2022 has sent demand for blockchain security experts skyrocketing, with some auditors making upwards of $430,000 per year.

Speaking with Cointelegraph, Neil Dundon, founder of blockchain recruitment firm CryptoRecruit, said that while security audit services have long been in demand, the rise of decentralized finance (DeFi) protocols has opened up opportunities for auditors to review potentially vulnerable smart contracts:

“There’s always been a demand for security auditors [...] But since DeFi apps have been out there, there has been quite a big increase in demand for security audits across the space because one small vulnerability in the protocol can potentially lead to the loss of hundreds of millions of dollars.”

A report from Chainalysis earlier this month revealed that hackers extracted more than $2 billion from cross-chain bridge protocols alone this year.

In a Bloomberg report on Aug. 22, Paul Frambot, CEO of decentralized lending service Morpho Labs, said that crypto security audits have moved from a “nice to have” business expense to a “must have” one.

“Security is, in my opinion, not taken sufficiently seriously in DeFi,” he said.

The rise in demand for crypto security auditors has seen a plethora of “for hire” ads across the industry.

According to job advertisements posted on Cryptocurrency Jobs, blockchain audit companies mostly look for experienced programmers with an understanding of blockchain technology, cybersecurity, and cryptography.

While most security audit salaries fall within the $100,000 - $250,000 range, some companies are willing to pay upwards of $430,000 per year, according to Web3.career’s job board.

Zeth Couceiro of crypto recruitment firm Plexus Resource Solutions made a similar comment to Bloomberg, noting that in some cases, blockchain security auditors have been raking in up to $400,000 annually.

Couceiro added that these auditors tend to make about 20% more than developers focused on Solidity, the most popular programming language used to deploy smart contracts on Ethereum and other Ethereum Virtual Machine (EVM) compatible blockchains.


The top vulnerabilities that security auditors look for in smart contracts include timestamp dependency, reentrancy attacks, random number vulnerability, and spelling mistakes.

The Bloomberg report noted that venture capital firms have already poured $257 million into crypto security audit companies this year, which is up 38.9% from all of 2021, according to CB Insights.
