Bug bounty security services platform Immunefi raised $24 million in a Series A round led by Framework Ventures.
Other backers in the round were Electric Capital, Polygon Ventures, Samsung Next, P2P Capital, North Island Ventures, Third Prime Ventures, Lattice Capital, and Stratos DeFi.
Immunefi focuses on bug bounty and security services for Web3 projects. Since its inception in December 2020, the firm has saved over $25 billion in users’ funds, according to a statement on Thursday. Immunefi said it has paid out $60 million in total bounties, and supports over 300 projects including Chainlink, Wormhole, and MakerDAO.
The next big thing
Bug bounties are increasingly becoming an attractive revenue stream for security researchers and an efficient way for tech firms to identify weaknesses in their products. In 2020, Google announced it had paid over $21 million in bug bounties under its vulnerability reward program since 2010, spending $6.5 million in 2019 alone. In 2020, hackers from dozens of countries earned up to $40 million just by identifying system vulnerabilities for various organizations.
Bug bounty rewards have slowly been increasing across crypto as well. In 2019, crypto exchange Coinbase Global (COIN) forked out $30,000 bounty for identifying a critical bug in its systems.
The popularity of bug bounties is also due to the fact that decentralized finance (DeFi) platforms, such as Balancer Labs, are increasingly vulnerable to hacks and theft. DeFi refers to financial activities carried out directly on the blockchain without any third party involvement.
According to a report by crypto sleuth CipherTrace, in the second half of 2020 half of all targeted entities for crypto-related hacks were DeFi platforms, making up 14% of total hacked volume (amounting to $47.7 million).
To this effect, in 2021 DeFi insurance brokerage ArmorFi paid a bounty of $1.5 million to a white-hat hacker who found a "critical bug" that could have seen all the firm’s underwriting funds drained.
“Open code and directly monetizable exploits have made web3 the most adversarial software development space in the world," Mitchell Amador, CEO of Immunefi, said in the statement.
“By shifting incentives towards white hats, Immunefi has already saved billions of dollars of users’ funds," Amador said. "We’re using this raise to scale our team to meet this massive demand," he added.
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.