RateLimited°C
11-05-2024
BSV
$47.03
Vol 20.28m
4.01%
BTC
$69391
Vol 43976.47m
2.89%
BCH
$341.99
Vol 279.31m
4.29%
LTC
$66.13
Vol 393.72m
0.58%
DOGE
$0.16
Vol 4648.6m
7.33%
Getting your Trinity Audio player ready...

Antivirus mogul John McAfee has suffered another embarrassing failure at the hands of his much-hyped ‘unhackable’ cryptocurrency wallet, Bitfi.

Fresh from receiving the ‘Lamest Vendor Response Award’ at the Pwnies, a high profile cyber security awards ceremony held last week, Bitfi has been hacked for a second time, fundamentally undermining sMcAfee’s claim that the product is ‘unhackable.’

After hackers previously exploited loopholes to play video game DOOM on Bitfi wallet servers, cybersecurity researchers have now managed to send signed transactions, in spite of so-called ‘security’ measures designed to prevent these types of exploits.

https://twitter.com/cybergibbons/status/1028987435873648640

The researchers are now claiming the $10,000 bounty for uncovering bugs in the wallet, conditional on three tests set by Bitfi: that researchers demonstrate they can modify the device, that they can connect to Bitfi servers, and that they can transmit sensitive data using the device.

Security researcher Andrew Tierney, also known as Cybergibbons, said that these conditions had been met by the latest hack. In an interview with The Next Web, Tierney said, “We intercepted the communications between the wallet and [Bitfi]. This has allowed us to display silly messages on the screen. The interception really isn’t the big part of it, it’s just to demonstrate that it is connected to the dashboard and still works despite significant modification.”

He added, “We have sent the seed and phrase from the device to another server, it just gets sent using netcat, nothing fancy. We believe all [conditions] have been met.”

Known for his outlandish and overblown claims, McAfee announced during the launch of Bitfi that the wallet was essential impenetrable, saying: “Of all today’s elaborate and sophisticated methods for making wallets secure and easy to use, surely none is as epic as that of the new Bitfi wallet. Several of my competitors have pioneered innovative methods to protect private keys, but Bitfi pulled out all the stops to ensure that the private key can never be obtained by illicit means.”

The latest hack only compounds the previous flaws identified in Bitfi, and should, by rights, lead to a payout of the $10,000 bounty.

At the time of writing, there was no confirmation from Bitfi that the bug bounty would be paid, although on the face of it, it looks as though the researchers have satisfied all three of the eligibility criteria.

Recommended for you

Tether execs draw dividends as threat of US indictment grows
Tether issued its latest quarterly 'attestation' of the reserve assets allegedly backing the $119.4B in issued USDT as of September...
November 5, 2024
Blockchain firm R3 looking for a buyer: report
R3 has raised over $120 million over the years, but broader market conditions have proven tough as its permissioned blockchain...
November 5, 2024
Advertisement
Advertisement
Advertisement