Bug Bounties Hit Limits as AI Puts Crypto Hackers on Equal Footing

Mitchell Amador, CEO of Immunefi, highlighted at Token2049 in Singapore that AI tools have democratized access to technology for hackers, allowing groups like Lazarus to execute sophisticated attacks. The bug bounty ecosystem, having paid out over $100 million, is facing challenges since there aren't enough resources to cover vulnerabilities comprehensively. The $1.4 billion hack of Bybit revealed significant security gaps, underscoring that audits and bug bounties alone are insufficient. AI has accelerated the transition from vulnerability discovery to exploitation, compelling developers to adopt more proactive measures, such as integrating AI into their workflows. While traditional audits play a role, they miss many subtle vulnerabilities, necessitating a hybrid approach that combines manual reviews with AI scanning. Without new innovations to attract security researchers, bug bounties may have reached their maximum effectiveness, as the industry grapples with persistent threats and the need for improved security infrastructure.
