– Whitehats see reentrancy as the most common vulnerability when reviewing code.
– Whitehat hackers are not driven by money.
– The more Web3 grows, the more career opportunities it offers.
Whitehats prefer the Ethereum blockchain over the others, but interest in Ethereum dropped by 4 per cent, says Immunefi in its Hacker Ecosystem Survey 2023. The leading bug bounty and security services platform for Web3 surveyed whitehats to get an insight into their interests, challenges and opportunities in Web3. It saw a significant increase in interest in Tezos, a 122.2 per cent YoY growth.
The survey found “reentrancy” as the most common vulnerability whitehats come across when reviewing code, followed by access control. Other vulnerabilities include input validation, oracle manipulation and logical errors. There are also rounding errors, gas optimization, unchecked returned values, uninitialized proxy, and flash loans.
Not Doing It for the Money
Immunefi, in its report, highlighted that money is not the driving factor in whitehat hackers’ interest. Most respondents, 77 per cent, are mainly interested in solving technical challenges. About 69 per cent of respondents said financial gains, 62 per cent pointed out career opportunities, and 38 per cent said community.
But most whitehats (55.8 per cent) said hacking is their primary job. 44.2 per cent of the respondents phish in their free time and spend most of their day as software developers within the Web3 or security industries. But there has been a significant increase in whitehats hacking in their free time, compared to 39.8 per cent in the previous period – an 11 per cent YoY growth.
The survey found that more whitehats are joining the field and using their free time to work on transitioning to Web3 cybersecurity full-time. Most whitehats, on average, have worked in cybersecurity for almost four years and have been inclined towards Web3 security for almost two years.
All Eyes on Web3
Web3 is a high-paying industry. The more this space grows, the more career opportunities it offers. Whitehats believe their role in security is of high value for the industry and is well-rewarded as the technology leads to monetary funds being directly at risk. Web3 brings a host of possibilities. Whitehats see a steep learning curve, irrespective of previous cybersecurity or Web2 development background, as a key challenge.
Keeping up with the industry is challenging given the complexity of solidity coding and protocols, possible attack vectors in Web3 and the continuously evolving requirements.
Mitchell Amador, CEO of Immunefi, believes there is a need always to stay ahead of bad actors. He said it’s crucial to have the most talented security ecosystem in place and to operate under a reliable incentivized system. Amador added that working closely with whitehats, sharing insights and growing from their experience is of tremendous value and will continue to be beneficial, as they are on the frontline of protecting the industry.
Source: https://www.thecoinrepublic.com/2023/04/10/92-of-hackers-want-eth-interest-in-tezos-surged-by-122-survey/