Not sure how many hours go into finding these sorts of vulnerabilities, but his rate of $150/hour[1] seems like a steal compared to the lost revenues he can prevent.
On the flip side, Homakov personally has incredibly bad OPSEC practices which would make me think twice for using him. There's a correlation between what you pay and what you might get.
What do you even mean to have "incredibly bad OPSEC practices"? Without an explanation, your comment comes across as more unnecessary snark, which unfortunately isn't uncommon in threads that remark upon Homakov, or on HN in general.