Immunefi launches scoring system for Web3's elite white hats

Published at: Nov. 4, 2022

Bug bounty platform Immunefi has released its Whitehat Leaderboard — a scoring system that showcases the top 20 most elite white hats in Web3. The rank will measure a given white hat's skills and status amid Immunefi's security community, said the company at the Web Summit on Nov 4. 

A white hat hacker is someone who identifies security vulnerabilities by testing an organization's information technology security. In Immunefi's community, the top 10 white hats alone have generated over $42 million in total earnings by disclosing critical vulnerabilities that have led to big bounty payments in the software industry.

In the leaderboard, white hats will be daily classified by the number and severity of paid reports, as well as total earnings made. The hackers in Immunefi's community reviews projects’ blockchain and smart contract code, disclosing vulnerabilities and being paid for it. The rewards are based on the severity of the vulnerability discovered.

Mitchell Amador, founder and CEO at Immunefi, noted in a statement:

“As the volume of saved funds continues to grow, the leaderboard is another opportunity to give our white hats the recognition they deserve, as well as to encourage them to keep pushing the boundaries to make the web3 ecosystem safer.”

Related: Team Finance hacker returns $7M to associated projects after exploit

According to the company, white hats who rank on the leaderboard will also be selected to earn further rewards, all-expenses-paid trips, exclusive merch, and speaking opportunities on a regular basis. Created in 2020, Immunefi claimed to have saved over $25 billion in user funds and paid out over $62 million in bounties. The platform currently supports 300 projects across multiple crypto sectors, helping the industry players save funds stored in smart contracts. 

Amid the top bounties paid for white hats in the past two years, Immunefi facilitated payment for the discovery of a critical bug in the Wormhole core bridge contract on Ethereum, which led to the record-breaking bug bounty of $10 million for a white hat identified as satya0x, as well as the critical infinite spend bug found in Aurora Engine with a $6 million payout for white hat pwning.eth.

Security vulnerabilities had been among the challenges in the crypto industry this year. On Oct. 11, a hacker manipulated the value of the Mango Markets’s native token, MNGO, to achieve higher prices. The attacker took out significant loans against the inflated collateral, draining Mango’s treasury. After a proposal on Mango’s governance forum was approved, the hacker was allowed to keep $47 million as a “bug bounty,” while $67 million was sent back to the treasury.

Tags
Business
Defi
Hacks
Smart Contracts
Cybersecurity
Security
Related Posts
Poly Network offers to on board 'Mr. White Hat' as chief security advisor
Decentralized finance protocol Poly Network has offered the person behind a $610 million hack an advisery position and $500,000 — whether they like it or not. In a Tuesday update, the Poly Network team said, in a seeming attempt to gain access to the hacker’s expertise, that it would be inviting them to the position of chief security adviser. In addition, the project will be sending a $500,000 bounty for the attacker, whom Poly dubbed "Mr. White Hat," despite the fact they have previously refused any payment. “Poly Network has no intention of holding Mr. White Hat legally responsible, as …
Business / Aug. 17, 2021
Immunefi partners with Binance Smart Chain on bug bounties to secure BSC projects
Immunefi, a security service outfit that specialized in decentralized finance (DeFi) projects, has inked a collaboration with the Binance Smart Chain. According to a release issued on Friday, Immunefi will work in collaboration with BSC to improve the security of projects on the Binance chain. As part of the partnership, ethical hackers who take part in a campaign to discover vulnerabilities in BSC-based projects will earn rewards. As a security outfit, Immunefi has reportedly paid more than $3 million in bug bounties to ethical hackers. Major BSC protocols such as PancakeSwap, DODO, and Zapper among others are already deploying the …
Blockchain / July 9, 2021
Crypto security experts raking $430K salaries amid 2022's hacking spike
The rise of crypto hacks over 2022 has skyrocketed demand for blockchain security experts, with some auditors making upwards of $430,000 per year. Speaking with Cointelegraph, blockchain recruitment firm CryptoRecruit founder Neil Dundon said that while security audit services have long been in demand, the rise of decentralized-finance (DeFi) protocols has opened up opportunities for auditors to review potentially vulnerable smart contracts: “There’s always been a demand for security auditors [...] But since DeFi apps have been out there, there has been quite a big increase in demand for security audits across the space because one small vulnerability in the …
Adoption / Aug. 23, 2022
Uniswap DAO debate shows devs still struggle to secure cross-chain bridges
Over $2.5 billion was stolen in cross-chain crypto bridge hacks from 2021 to 2022, according to a report by Token Terminal. But, despite several attempts by developers to improve bridge security, a debate from December 2022 to January 2023 on the Uniswap DAO forums has laid bare security weaknesses that continue to exist in blockchain bridges. In the past, bridges like Ronin and Horizon used multisig wallets to ensure that only bridge validators could authorize withdrawals. For example, Ronin required five out of nine signatures to withdraw, whereas Horizon required two out of five. But attackers figured out how to …
Blockchain / Feb. 26, 2023
Top 7 cybersecurity jobs in high demand
In today’s digital age, cybersecurity has become a critical aspect of almost every business. Cyber threats are increasing daily, and businesses must take proactive measures to protect their networks and data. As a result, the demand for cybersecurity professionals has skyrocketed. Little Friday humour #meme #cybersecurity @hackurityio pic.twitter.com/MArEpCh03k — Harold De Vries (@devries_harold) February 17, 2023 In this article, we will discuss the top seven cybersecurity jobs that are in high demand. Cybersecurity analyst A cybersecurity analyst is responsible for identifying and mitigating cyber threats to an organization’s network and data. They examine system logs and network traffic to find …
Technology / Feb. 26, 2023