Sometime around September 2021, Immunefi reportedly secured $5.5 million in funding. Considering recent events which saw one of the big bounty and security arms of DeFi loose about $2 billion to crypto scams and hackers this year, the $5 million from last year seems like an inconsequential investment.
Once again Immunefi has upped its total funding to $29.5 million as it secured another $24 million in Series A funding led by Framework Ventures. Other co-investors in the funding were Electric Capital, Samsung Next, and Polygon Ventures.
Immunefi assists Web3 projects which require security checks by linking them up with whitehat hackers who evaluate their vulnerabilities for monetary gains. Whitehat hackers may charge as high as $10 million but this is well worth the cost considering the huge investments, and cryptocurrency which are at risk.
Reputable tech companies like Microsoft and Apple have adopted the big bounty methodology. In Web3, this methodology was previously not so popular because hackers may be more motivated (financially) to steal money than report a bug for rewards. For instance compared to the $10 million potential compensation, hundreds of millions may be stolen by these hackers.
Immunefi had dispensed $60 million to whitehat hackers since it launched in December 2020. According to the company, this has helped to secure over $25 billion of users’ funds from being lost to hackers.
Bug pay-outs in crypto are not quite the same in Web 2.0. For instance $5,000 pay-out is inconsequential if it puts $100 million at risk. With Immunefi, the bug bounty is designed to make projects reward big vulnerabilities with a standard 10% of the potentially risked funds which is at stake.
This explains the logic behind some of the huge bug bounties recorded so far which trumps the $2 million bug bounty offered by Apple which is the largest so far. One example is the $6 million paid by bridging and scaling Ethereum solution company Aurora. Another example is the $10 million reward paid by generic cross-chain messaging protocol; Wormhole.
These developments which encourages open code, and direct exploits that can be monetized is seriously positioning Web3 as the most visible interventionist software development space globally. Speaking on this the founder and CEO of Immunefi Mitchel Amador explained:
“By shifting incentives towards whitehats, Immunefi has already saved billions of dollars of user funds. Projects across crypto are rapidly realizing that it’s better to use Immunefi than publicly begging hackers to return funds or pay a ransom. We’re using this raise to scale our team to meet this massive challenge”. This opportunity will undoubtedly go a long way to secure huge investments for many companies.
Although Immunefi is in a world of it’s own for now, some players are emerging. An example is Safehorn which just raised $7 million which it intends to use to secure private keys. Another company HackerOne recently advanced from Web 2.0 to Web3.
As originally reported in (https://techcrunch.com/2022/09/22/web3-bug-bounty-platform-immunefi-raises-24m-for-its-series-a-funding-round/)