Web3 is generating a lot of opportunities for blockchain-native businesses, but it’s also creating serious security vulnerabilities.

Blockchain security firm CertiK has raised $60 million in funding from SoftBank Vision Fund II and Tiger Global, further cementing its unicorn status after raising a combined $290 million over nine months.

The raise comes at a time when the blockchain community is leading growth around Web3 application development and creating new use cases for virtual ecosystems, especially in gaming, nonfungible tokens (NFTs) and decentralized finance (DeFi). “When development moves at breakneck speed, mistakes happen,” CertiK’s vice president of marketing Monier Jalal explained to Cointelegraph in a written statement. He continued:

“With current Web3 development, security most often is an afterthought — and this is the danger. Early-stage maturity around new infrastructure, e.g., cross-chain bridges or DeFi lending schemes, e.g. flash loans, are targets for hackers.”

Jalal said the “financial nature” of digital assets and DeFi protocols make their rewards much greater than anything we’ve seen in the Web2 era. “The magnitude of impact coupled with increasing trends around Web3 development and resulting hacks is what’s driving the demand for Web3 security,” he said.

Related: The future of the internet: Inside the race for Web3’s infrastructure

Venture funds have placed a strong emphasis on blockchain security services. Earlier this month, CertiK raised $88 million in Series B3 funding, doubling its valuation to $2 billion, in a raise that was led by Insight Partners, Tiger Global and Advent International. In December 2021, the company raised $80 million in a Sequoia-led funding round.

Security vulnerabilities make for routine headlines in the crypto industry. In January, research from bug bounty service ImmuneFi revealed that DeFi hacks drained over $10.2 billion worth of funds in 2021 alone. Earlier this month, Axie Infinity’s Ronin Bridge was hacked for over $600 million after the attackers were able to gain access to the private keys of validator nodes.

What's your reaction?