Around the Coin
Is Your Crypto Safe From Hackers? - Dyma Budorin | ATC #609
Why It Matters
As institutional capital flows into crypto, investors need reliable, standardized security assessments to avoid costly breaches and fraud. Core3’s rating framework could become the benchmark that bridges the trust gap between traditional finance and decentralized ecosystems, making the sector safer and more attractive for mainstream adoption.
Key Takeaways
- •Operational security, not smart contracts, is biggest crypto risk.
- •Core3 offers Moody’s‑style risk ratings for exchanges and DeFi projects.
- •Hackers shift to supply‑chain and social‑engineering attacks.
- •Public risk dashboards can attract institutional investors to crypto.
- •Audits alone insufficient; key management and multi‑sig essential.
Pulse Analysis
Dima Budarin, a veteran of Ukrainian cyber‑defense and co‑founder of Hacken, pivoted to Web3 after a 2017 ICO that awarded his team 33 BTC. That early win sparked a career focused on protecting crypto infrastructure, from smart‑contract audits to the broader operational hygiene that many projects neglect. Budarin emphasizes that while contract code has hardened, the real threat now lies in poor key management, supply‑chain weaknesses, and social‑engineering tactics that bypass technical safeguards.
To address these gaps, Budarin’s new venture Core3 functions like a Moody’s for crypto. It aggregates public data—cold and hot wallet balances, GitHub repositories, AML/KYC practices, and even social‑media authenticity—to generate risk scores for exchanges, brokers, and DeFi protocols. The platform highlights mis‑configurations such as single‑point‑of‑failure multisig setups and missing transaction simulations, offering remediation roadmaps that go beyond traditional ISO certifications. By publishing transparent dashboards, Core3 aims to give institutional investors the confidence to allocate capital to projects rated “AA” rather than speculative “D”‑grade assets.
The broader impact could reshape market behavior. With clear risk metrics, investors can avoid wash‑trading platforms and poorly secured brokers, while projects are incentivized to adopt industry‑standard operational practices. Core3 plans to monetize through premium subscriptions, on‑demand due‑diligence reports, and priority listings, ensuring a sustainable, unbiased model. As the crypto ecosystem matures, such public risk infrastructure may become as essential as financial audits, fostering accountability, reducing hack‑related losses, and paving the way for mainstream institutional participation.
Episode Description
Join host Stephen Sargeant on this special edition of the Around The Coin podcast as he sits down with Dyma Budorin, CEO of Core3 and co-founder/executive chairman of Web3 cybersecurity firm Hacken—to unpack security transparency, risk analytics, and accountability in crypto. Budorin recounts starting Hacken after a 2017 Kyiv competition led to an ICO, and explains why smart contracts are improving while operational security, key management, and supply-chain risks remain major weaknesses, with audits as the main standard and CCSS as a more crypto-relevant framework than ISO/SOC2. He describes Core3 as a public risk-analytics platform—likened to Moody’s or a “Whoop” score—that evaluates exchanges and protocols using public data (including GitHub, wallet analysis, concentration, and social signals) to encourage better practices, detect wash trading, and support institutional due diligence. Budorin also discusses his whistleblowing contributions about alleged gaps around Sumsub’s ownership, audits, and past ties to Smart Engines, urging regulators to investigate.
We are also available via:
Around The Coin — Official Website
Buzzsprout
Apple Podcast
Spotify
Player FM
Quora
Medium
X
Tiktok
Soundcloud
Comments
Want to join the conversation?
Loading comments...