In the rapidly evolving landscape of decentralized finance (DeFi), ethical hackers, commonly referred to as “white hats,” are turning their skills into substantial earnings that far exceed traditional cybersecurity salaries. Many researchers are raking in millions of dollars annually, a stark contrast to the typical salary range of $150,000 to $300,000 in conventional cybersecurity roles. This trend has been highlighted by Mitchell Amador, co-founder and CEO of Immunefi, a bug bounty platform dedicated to enhancing the security of Web3 protocols.
Immunefi has gained notable traction by facilitating more than $120 million in payouts across numerous reports, helping to safeguard over $180 billion in total value locked within various programs. Remarkably, 30 researchers have already achieved millionaire status through their efforts, with bounties reaching as high as 10% for critical vulnerabilities discovered in protocols. Amador noted that these substantial rewards are necessary due to the high stakes involved; a single vulnerability can jeopardize tens or even hundreds of millions of dollars.
One of the most significant single payouts on the platform was a staggering $10 million, awarded to a hacker who identified a critical flaw in Wormhole’s cross-chain bridge. The discovery was crucial, as it helped avert potential losses in the billions. Remarkably, despite this timely intervention, Wormhole itself experienced a $321 million exploit on its Solana bridge in 2022, marking it as the largest crypto hack of that year. In an interesting turn of events, a counter-exploit conducted by Web3 infrastructure firm Jump Crypto alongside Oasis.app managed to recover $225 million from the original hacker.
The bounty system rewards researchers based on the severity and scope of the vulnerabilities they unearth. Top researchers, often referred to as “100x hackers” for their unique ability to identify risks that others may overlook, can earn between $1 million and $14 million for critical findings. Although the early years of DeFi were rife with smart contract vulnerabilities, the landscape is evolving. By 2025, there has been a rise in “no-code” exploits, which often encompass social engineering tactics, compromised keys, and lapses in operational security.
Interestingly, the data reveals that certain types of projects are more prone to breaches. DeFi protocols handling significant total value locked (TVL) but lacking robust bounty programs are particularly vulnerable. Amador warns that both early-stage teams eager to enter the market and complacent established players often overlook necessary security measures, increasing their exposure to potential threats.
Alongside these security concerns, August saw a troubling total of $163 million in crypto-related hacks and scams, a 15% increase from July’s losses of $142 million. Despite the rising figures, the number of incidents continued to decline, with only 16 attacks recorded compared to 20 in June. The majority of August’s losses were attributed to two significant incidents: a $91 million social engineering scam targeting a Bitcoin investor and a $50 million breach involving the Turkish exchange Btcturk.
As the Web3 space continues to gain momentum, the role of white hats in securing decentralized protocols is becoming increasingly vital, both for safeguarding investments and maintaining overall trust in the rapidly growing DeFi ecosystem.