McAfee, of security software fame, has taken a shot at creating an “unhackable” Bitcoin wallet by the name of BitFi. Their efforts, however, have not gone so well.
While we know how vulnerable cryptocurrency exchanges can be to hacking, cryptocurrency wallets can also fall victim to phishing attacks and other hacking.
So, it makes sense that someone would try to create an unhackable wallet.
However, for John McAfee, known for security software, that feat proved difficult.
Wallet to be Removed in Wake of Second Hack
That’s right — the “unhackable wallet” got hacked not once, but twice.
Perhaps due to McAfee’s brazen idea to put a $100,000 USD bounty out for hackers, someone first hacked the wallet just one week after its launch. However, it was not until they raised the bounty to $250,000 USD that someone hacked it.
The person also had to purchase a wallet for $120 USD beforehand, as well.
Twitter user OverSoftNL detailed how the hack went down with McAfee rebuffing the attempt tweeting: “Can you get the money on the wallet? No. That’s what matters.”
It’s a bummer for Bitfi, crypto-wallet maker, who did ask for help from the infosec community after the initial hack took place. As a result of both hacks, the company decided to remove the claim that the wallet is “unhackable”.
Their statement outlines vulnerability confirmation, wallet shut down, and shut down of the “bounty programs”. I guess that means the initial hackers won’t get those $250,000 bonuses.
The second attack enabled hackers to get all stored funds in an unmodified Bitfi wallet. It involves the salt value and secret phrase which hackers can extract. Thus, they can generate private keys and then steal the money in the wallets.
It’s known as a “cold boot attack” that can happen even with Bitfi wallets turned off.
Bitfi not Giving up on the Wallet Entirely
Despite the very clear and devastating evidence, Bitfi isn’t giving up yet.
Despite the “negativity and the anger on social media“, Bitfi wants to fix the wallet. They want to address the issue instead of just recalling the product — an admirable notion.
McAfee, however, has remained oddly quiet about this subject on Twitter.
Comments (0)
Most Recent