15-Year Old Hacker Plays Doom on “Unhackable” Bitfi Crypto Wallet
John McAfee has been getting roasted by the security community after claiming his Bitfi wallet is “unhackable”. McAfee was dealt another blow today when a 15-year old hacker posted a video of him playing Doom on the Bitfi crypto wallet.
Working from his parents’ house, 15-year old hacker Saleem Rashid managed to run the classic first-person shooter Doom on the allegedly unhackable Bitfi wallet.
That wallet has been heavily promoted by antivirus-expert-turned-crypto-evangelist John McAfee, who claims the device is unhackable.
We are increasing the bounty for hacking the https://t.co/VJ7qrOxQqL wallet to $250,000. The rules require you to empty the contents of a BitFi wallet that we have pre-loaded and have sent to you. You must pay for the wallet and its contents. Rules at https://t.co/jUUVmH77Mg
— John McAfee (@officialmcafee) July 31, 2018
Last month, McAfee offered a bounty of $100,000 to anyone who could hack the Bitfi crypto wallet. The bounty has since increased to $250,000.
Within days of launching the Bitfi wallet, the wallet was criticized online by the crypto and security communities alike. Security experts claimed Bitfi was little more than a cheap Android device made from low-quality parts. Cryptography experts claimed the private key storage system was subpar.
In early August, reports started appearing online of users who purportedly rooted the Bitfi wallet. These users were able to gain root access to the Bitfi wallet, modifying the boot screen and changing other settings on the device.
Hackers saying they have gained root access to the BitFi wallet. Well whoop-de-do! So what? Root acces to a device with no write or modify capability. That's as useless as a dentist license un a nuclear power plant. Can you get the money on the wallet? No. That's what matters.
— John McAfee (@officialmcafee) August 2, 2018
Rashid, the 15-year old hacker mentioned above, gained root access to the Bitfi wallet, then used that root access to run Doom.
In recognition of @Bitfi6 and @officialmcafee and their prestigious @PwnieAwards accolades, we'd like to show you @spudowiar playing DooM on his #BitFi secure wallet! Congratulations! pic.twitter.com/50qZZu1MnF
— Abe Snowman (@AbeSnowman) August 9, 2018
Rashid has previously made headlines in the crypto community for showing it’s possible to extract sensitive information from other hardware wallets, including Trezor. Rashid detailed his Trezor data extraction online at SaleemRashid.com.
Rashid describes himself as an “adversarial thinker” and claims he rooted the wallet and installed Doom without much difficulty.
McAfee Claims Gaining Root Access Isn’t Hacking
The important thing to note is that even with this latest hack, Bitfi’s bitcoins were not affected, and Rashid was not able to steal bitcoins from the wallet.
John McAfee has previously responded to such attacks with a similar message. He admits these hackers successfully gained root access to the device but denies that this constitutes hacking. Until someone manages to access the bitcoins on the Bitfi wallet, McAfee has no plans to pay the bounty.
The press claiming the BitFi wallet has been hacked. Utter nonsense. The wallet is hacked when someone gets the coins. No-one got any coins. Gaining root access in an attempt to get the coins is not a hack. It's a failed attempt. All these alleged "hacks" did not get the coins.
— John McAfee (@officialmcafee) August 3, 2018
We expect McAfee to respond to this latest attack in a similar way.
Nevertheless, security experts claim it’s just a matter of time before hackers gain access to bitcoins on the device. Other hackers have been able to modify the boot screen of the device and perform other actions, and a complete crack of the bitcoin storage solution may be just around the corner.
Until the Bitfi wallet relinquishes its bitcoins, however, nobody will be eligible to claim the $250,000 bounty from John McAfee – no matter how many 90s first person shooters you run on the wallet.