11-21-2024
BSV
$66.31
Vol 195.76m
-3.21%
BTC
$97393
Vol 115984.14m
3.52%
BCH
$481.84
Vol 2125.35m
8.54%
LTC
$88.39
Vol 1415.32m
4.35%
DOGE
$0.38
Vol 10058.45m
0.87%
Getting your Trinity Audio player ready...

Antivirus mogul John McAfee has suffered another embarrassing failure at the hands of his much-hyped ‘unhackable’ cryptocurrency wallet, Bitfi.

Fresh from receiving the ‘Lamest Vendor Response Award’ at the Pwnies, a high profile cyber security awards ceremony held last week, Bitfi has been hacked for a second time, fundamentally undermining sMcAfee’s claim that the product is ‘unhackable.’

After hackers previously exploited loopholes to play video game DOOM on Bitfi wallet servers, cybersecurity researchers have now managed to send signed transactions, in spite of so-called ‘security’ measures designed to prevent these types of exploits.

https://twitter.com/cybergibbons/status/1028987435873648640

The researchers are now claiming the $10,000 bounty for uncovering bugs in the wallet, conditional on three tests set by Bitfi: that researchers demonstrate they can modify the device, that they can connect to Bitfi servers, and that they can transmit sensitive data using the device.

Security researcher Andrew Tierney, also known as Cybergibbons, said that these conditions had been met by the latest hack. In an interview with The Next Web, Tierney said, “We intercepted the communications between the wallet and [Bitfi]. This has allowed us to display silly messages on the screen. The interception really isn’t the big part of it, it’s just to demonstrate that it is connected to the dashboard and still works despite significant modification.”

He added, “We have sent the seed and phrase from the device to another server, it just gets sent using netcat, nothing fancy. We believe all [conditions] have been met.”

Known for his outlandish and overblown claims, McAfee announced during the launch of Bitfi that the wallet was essential impenetrable, saying: “Of all today’s elaborate and sophisticated methods for making wallets secure and easy to use, surely none is as epic as that of the new Bitfi wallet. Several of my competitors have pioneered innovative methods to protect private keys, but Bitfi pulled out all the stops to ensure that the private key can never be obtained by illicit means.”

The latest hack only compounds the previous flaws identified in Bitfi, and should, by rights, lead to a payout of the $10,000 bounty.

At the time of writing, there was no confirmation from Bitfi that the bug bounty would be paid, although on the face of it, it looks as though the researchers have satisfied all three of the eligibility criteria.

Recommended for you

BIT Mining hit with $10M fine over bribery charges
In its previous existence as a casino and sports lottery firm, BIT Mining reportedly paid $2 million in bogus consultation...
November 21, 2024
Donald Trump’s role in the ‘crypto’ boom
Donald Trump pledged to make the United States the "crypto capital of the world." For the first time in nearly...
November 21, 2024
Advertisement
Advertisement
Advertisement