2 minute read
Cybersleuths who protect Crypto from Hackers are Making a Killing
They're hiring, raising prices, and taking in fresh funding as mass firings become the norm elsewhere in crypto.
Robert Stone
Advertisement
One sector of the crypto industry is thriving during a time when many are struggling. Companies that sift through code for flaws and run bug-hunting sites find themselves with more business than they can handle as criminals, including North Korean hackers, increasingly target cryptosphere software infrastructure. As mass firings become commonplace in crypto, they're hiring more, raising prices, and raising funding.
This year, hackers have stolen roughly $2 billion from digital-asset protocols, according to researcher Chainalysis. These companies' increasing fortunes illustrate how the industry is beginning to recognize the threat. Despite bootstrapping startups and community-driven projects, crypto security services have become indispensable.
According to Paul Frambot, chief executive officer of crypto startup Morpho Labs, "we have spent so much money on audits." "DeFi is not taking security seriously enough," he said, referring to trading, borrowing, and lending crypto without a central intermediary.
The demand for protection is growing among investors. According to CB Insights, venture capital firms have invested $257 million in crypto auditing
and security firms this year, up from $185 million in all 2021.
Rising threat
During the roughly decade-long existence of crypto, crypto thieves have stalked the industry, from the Bitfinex exchange hack in 2016 to the PolyNetwork protocol exploit last year.
The problem has worsened recently due to a relatively new part of the ecosystem that's become a juicy target: crypto bridges and software platforms that let coins designed for one blockchain be used on another. In the first seven months of 2022, crypto bridges were hacked for over two-thirds of the total value stolen. The Ronin Bridge connected to the Axie Infinity online game was attacked by hackers in March, making off with cryptocurrency worth about $600 million. Bridges are not the only targets. Hundreds of millions of dollars have been lost in the exploits of other projects, such as DeFi apps. In many of these projects, smart contracts - code that executes transactions automatically and cannot be reversed - are used, making errors in design particularly costly.
Earnings of $400,000
Experienced developers perform audits on code to identify bugs, security concerns, and other issues that could make the technology run unintendedly—automated tools scan code by some crypto auditors. Like OpenZeppelin, others audit the code line by line, one after another. A protocol developer may be able to fix the weaknesses identified and then have the auditor review those patches.
According to Zeth Couceiro, founder of crypto recruitment firm Plexus Resource Solutions, salaries for experienced blockchain auditors can exceed $400,000 yearly. Typically, they earn around 20 percent more than developers working on Solidity, one of the most popular crypto languages. This is due to the requirement to have a coding background and understand the architecture to identify vulnerabilities, according to Zeth Couceiro, founder of crypto recruitment firm Plexus Resource Solutions.
