BSV
$52.46
Vol 22.96m
-8.77%
BTC
$96080
Vol 51574.68m
-2.46%
BCH
$445.93
Vol 408.52m
-4.62%
LTC
$98.53
Vol 951.71m
-6.59%
DOGE
$0.31
Vol 6530.28m
-9.37%
Getting your Trinity Audio player ready...

Antivirus mogul John McAfee has suffered another embarrassing failure at the hands of his much-hyped ‘unhackable’ cryptocurrency wallet, Bitfi.

Fresh from receiving the ‘Lamest Vendor Response Award’ at the Pwnies, a high profile cyber security awards ceremony held last week, Bitfi has been hacked for a second time, fundamentally undermining sMcAfee’s claim that the product is ‘unhackable.’

After hackers previously exploited loopholes to play video game DOOM on Bitfi wallet servers, cybersecurity researchers have now managed to send signed transactions, in spite of so-called ‘security’ measures designed to prevent these types of exploits.

https://twitter.com/cybergibbons/status/1028987435873648640

The researchers are now claiming the $10,000 bounty for uncovering bugs in the wallet, conditional on three tests set by Bitfi: that researchers demonstrate they can modify the device, that they can connect to Bitfi servers, and that they can transmit sensitive data using the device.

Security researcher Andrew Tierney, also known as Cybergibbons, said that these conditions had been met by the latest hack. In an interview with The Next Web, Tierney said, “We intercepted the communications between the wallet and [Bitfi]. This has allowed us to display silly messages on the screen. The interception really isn’t the big part of it, it’s just to demonstrate that it is connected to the dashboard and still works despite significant modification.”

He added, “We have sent the seed and phrase from the device to another server, it just gets sent using netcat, nothing fancy. We believe all [conditions] have been met.”

Known for his outlandish and overblown claims, McAfee announced during the launch of Bitfi that the wallet was essential impenetrable, saying: “Of all today’s elaborate and sophisticated methods for making wallets secure and easy to use, surely none is as epic as that of the new Bitfi wallet. Several of my competitors have pioneered innovative methods to protect private keys, but Bitfi pulled out all the stops to ensure that the private key can never be obtained by illicit means.”

The latest hack only compounds the previous flaws identified in Bitfi, and should, by rights, lead to a payout of the $10,000 bounty.

At the time of writing, there was no confirmation from Bitfi that the bug bounty would be paid, although on the face of it, it looks as though the researchers have satisfied all three of the eligibility criteria.

Recommended for you

Who wants to be an entrepreneur?
Embodying the big five personality traits could be beneficial for aspiring entrepreneurs, but Block Dojo shows that there is more...
December 20, 2024
UNISOT, PSU China team up for supply chain business intelligence
UNISOT revealed a new partnership with business intelligence and research firm PSU China, which will combine its data with UNISOT's...
December 20, 2024
Advertisement
Advertisement
Advertisement