Immunefi, the leading bug bounty and security services platform for web3 which protects over $60 billion in user funds, published its Hacker Ecosystem Survey 2023. 

Home to the largest community of security talent in the crypto space, Immunefi surveyed whitehats to find out their interests, challenges, and the opportunities they see web3 as bringing. The survey provides important insights about where the industry is now, and where it might be headed.

  • When it comes to preferred blockchains, whitehats are primarily interested in Ethereum (92%) with Solana (31%) in second place. Next comes Avalanche (20.4%), Cosmos (13.3%), and Tezos (8%). There has been a significant increase in interest in Tezos when compared to the previous period at 3.6%, representing a 122.2% YoY growth.  

  • When it comes to the growth of attack surfaces in comparison to increased security measures in the industry, whitehats seem to see a balance. While most of the whitehats (76.1%) see attack surfaces growing, the majority (88.5%) also see increased security measures by projects across the industry.

  • Most whitehats mention reentrancy (43.2%) as the most common vulnerability they come across when reviewing code, followed by access control (18.2%). Other vulnerabilities mentioned include input validation (9.1%), oracle manipulation (6.8%), and logical errors (6.8%), followed by rounding errors (4.5%), gas optimization (4.5%), unchecked returned values (2.3%), uninitialized proxy (2.3%), and flash loans (2.3%). 

  • Money does not act as a crucial factor in driving whitehat hackers’ interest — most of the respondents (77%) are interested mainly in solving technical challenges, followed by money (69%), then career opportunities (62%), and community (38%).

  • Most whitehats (55.8%) consider hacking their primary job, while 44.2% do it in their free time, spending most of their day as software developers within the web3 or security industries. There’s been a significant increase in whitehats hacking in their free time as compared to 39.8% in the previous period, representing a 11% YoY increase. Overall, more whitehats are joining the field and using their free time to work on transitioning to web3 cybersecurity full-time. 

  • On average, most whitehats have been working in cybersecurity for almost 4 years, and have been interested in web3 security for almost 2 years.                                

“We need to always stay ahead of bad actors, and one crucial way to do so is to keep ensuring we have the most talented security ecosystem in place, operating under a reliable incentivize system”, said Mitchell Amador, CEO of Immunefi. “Working closely with whitehats, sharing insights, and growing from their experience is of tremendous value and will continue to be beneficial, as they’re on the frontline of protecting the industry.”  

Whitehats show particular excitement about being a part of a new, challenging, and evolving industry that promotes the concepts of decentralization and transparency. Web3 is a high-paying industry that offers greater career opportunities as the field grows. Whitehats feel their role in security is of high-impact for the industry and is generally well-rewarded, since the technology leads to monetary funds being directly at risk. Although web3 brings a host of possibilities, most whitehats highlight the steep learning curve, regardless of previous background in cybersecurity or web2 development, as a key challenge. The complexity of Solidity coding and protocols, the possible attack vectors in web3, and the fact that requirements are continuously evolving, make keeping up with the industry a difficult but important task in order for whitehats to succeed.

Immunefi is the largest and most widely adopted bug bounty platform in web3 which is trusted by established, multi-billion dollar projects like Chainlink, Wormhole, MakerDAO, TheGraph, Synthetix, and more. Immunefi has paid out the most significant bug bounties in the software industry, amounting to over $70 million, and has saved over $25 billion in user funds.

The full survey report is available on Immunefi’s website. In addition, Immunefi published the Crypto Losses Report in 2022, a report series where the team regularly assesses the volume of crypto funds lost by the crypto community due to hacks and scams by year and by quarter, and the Top Crypto Bounty and Ransom Payouts Report, detailing the most important industry bug bounty payments to date, as well as ransom payments. 

About Immunefi

Immunefi is the leading bug bounty and security services platform for web3, which features the world’s largest bounties. Immunefi guards over $60 billion in user funds across projects like Synthetix, Chainlink, SushiSwap, Polygon, Bancor, MakerDAO, TheGraph, Wormhole, Optimism, and others. The company has paid out the most significant bug bounties in the software industry, amounting to over $70 million, and has pioneered the scaling web3 bug bounties standard. For more information, please visit https://immunefi.com

This press release was originally published on this site

You May Also Like

Discover the DCK (DexCheck) Listing on XT.COM

XT.COM, the world’s first socially infused trading platform, is thrilled to announce…

Introducing Mocapart: The First NFT Art Gallery of Motion

Mocapart, a groundbreaking marketplace, is revolutionizing the world of digital art by…

MGBSP Services LLC, Led by Martyn Kingsley, Announces Multi-Million Dollar Secured Receivables Strategy

PHILADELPHIA, Oct. 03, 2025 (GLOBE NEWSWIRE) — MGBSP Services LLC, a Pennsylvania-based…

Community-Driven $BROCCOLI Project debuts on BNB Chain

February 21, 2025 – The cryptocurrency space welcomes a unique new player,…

DeFiQuant Offers Competitive Pricing and Tailored Plans for Crypto Traders of All Levels

In a significant leap forward for the cryptocurrency market, DeFiQuant is proud…

TURN Network Releases Revolutionary Public Chain Whitepaper: Building Infrastructure for Full On-Chain Gaming, Ushering in a New Era of Decentralized Gaming in the 5G Age

On February 7, 2024, TURN Network published a whitepaper. TURN Network is primarily focused…

EarnPark Announces Tier 3 PARK Token Sale After Two Successful Rounds

EarnPark, the innovative crypto platform combining CeFi simplicity with DeFi-level yields, has…

ELFi Protocol, a DEX Derivatives Platform, Officially Launched with a $100,000 Airdrop Event

Singapore, Singapore, 15th August 2024, Chainwire

UPCX Staking Airdrop Event (July 2025): Generous Rewards to Boost the Payment Ecosystem

The UPCX innovative open-source blockchain payment platform has announced a new staking…

GOAT Network Launches BTC Yield Dashboard, The Only Way to Earn Real Bitcoin Yield

GOAT Network has officially launched the world’s first suite of sustainable, chain-level Bitcoin yield products,…