John McAfee BitFi Wallet Finally Hacked? Unhackable Buzzword Dropped After Recent Breach

One of the things we always need to remember in the crypto space is that ‘nothing is unhackable.’ And this can happen to John McAfee as well. The important cryptocurrency figure was backing a virtual currency wallet which was considered ‘unhackable.’ However, in the last days it has been hacked twice.

Bitfi Wallet Gets Hacked Again

Important security developers were able to hack the wallet for the second time and could be able to have access to the stored funds. The $120 dollars wallet works with a user-generated secret phrase and with a ‘salt’ value such as a phone number. In this way, it is possible to scramble the secret phrase using cryptography.

These two unique values provided allow users to be sure that their funds are secure. However, security researchers say that the information about the secret phrase and salt can be easily extracted. If an individual has access to this information, private keys can be generated and thus, funds can be stolen.

This has been shown by the twitter user known as @spudowiar on August 30.

The information has been shared by Saleem Rashid and Ryan Castellucci. In a video, Rashid shows how he sets a secret phrase and salt. After it, he runs a local exploit and is able to extract the keys from the device.

Andrew Tierney, a security researcher at Pen Test Partners, was able to verify the attack. He has also been one of the hackers behind Bitfi. The company was offering $250,000 dollars for those able to conduct an attack. Tierney explains that the attack meets the requirements of the bounty, even if it does not meet the specific terms set by Bitfi.

However, John McAfee informed that the wallet is hacked only if a user gets the coins. As nobody got them, it is not possible to consider the attack as successful.

Bill Powel, vice president of operations at Bitfi said that users should get the funds held by the wallet.

“Because the device does not store private keys, that is what prompted the unhackable claim,” explained Powel.

After this situation, the company hired an experienced security manager that will be confirming the vulnerabilities found by the researchers. At the same time, they closed the bounty programs and deleting the ‘unhackable’ words from their website.

Back in July, the company received the Pwnie Award for Lamest Vendor Response, a prize given to companies that react the worst in response to security issues.

Get Daily Headlines

Enter Best Email to Get Trending Crypto News & Bitcoin Market Updates

What to Know More?

Join Our Telegram Group to Receive Live Updates on The Latest Blockchain & Crypto News From Your Favorite Projects

Join Our Telegram

Stay Up to Date!

Join us on Twitter to Get The Latest Trading Signals, Blockchain News, and Daily Communication with Crypto Users!

Join Our Twitter

Add comment

E-mail is already registered on the site. Please use the Login form or enter another.

You entered an incorrect username or password

Sorry, you must be logged in to post a comment.
Bitcoin Exchange Guide