Connect with us


John McAfee’s Bitfi wallet hacked, to remove ‘unhackable’ tag from marketing materials

Anirudh VK



John McAfee's Bitfi wallet hacked, to remove 'unhackable' tag from marketing materials
Source: Unsplash

Bitfi wallet, the so-called “unhackable” wallet championed by John McAfee, recently released a statement that they would be removing the “unhackable” tag from their marketing materials in response to the security of the device being compromised by user @spudowiar on Twitter.

They also suspended their bounty program but launched “conventional” through the Hacker One platform. The statement in question said that Bitfi has hired a security manager to “confirm vulnerabilities” that have been discovered by researchers. They said:

“While our intention has been to unite the community and accelerate the adoption of digital assets worldwide, we realize that some of our actions have been counterproductive to that goal.”

Source: Bitfi official website

Source: Bitfi official website

Source: Bitfi official website

Source: Bitfi official website

Even as Bitfi stated that they will no longer use the claim of their wallet being unhackable, the website displays instances of the usage of the term both on their homepage and some other pages.

The attack successfully removed all the stored funds from a Bitfi wallet which was unmodified, with the inherent flaws in the architecture of the wallet. It was uncovered by researchers Saleem Rashid and Ryan Castellucci as a part of the team “THCMKACGASSCO”, and can be executed even when the wallet is switched off.

The wallet reportedly relies on a two-fold method to ensure the security of the users’ funds. One is the secret phrase, a mainstay of any wallet storing cryptocurrencies, and the other is a “salt” phrase or value, which is used to encrypt the secret phrase to deny access.

In a statement to TechCrunch, Rashid stated that the private keys are stored in the memory of the wallet. Moreover, he posted a video on to Twitter of the wallet being ‘cold boot attacked’, as rooting the device does not wipe the RAM. This, in turn, led to him extracting the memory, finding the keys and successfully removing the funds from the wallet.

The video shows Rashid running an exploit on the computer that effectively hacks the unhackable wallet. After proceeding with the exploit, the funds are effectively removed from the wallet.

John McAfee, who promoted the wallet extensively, said, after the first exploit:

“The press claiming the BitFi wallet has been hacked. Utter nonsense. The wallet is hacked when someone gets the coins. No-one got any coins. Gaining root access in an attempt to get the coins is not a hack. It’s a failed attempt. All these alleged “hacks” did not get the coins.”

In a statement to TechCrunch, Bill Powell, the Vice President of Operations at BitFi, stated:

“[A hack is] anything that would allow an attacker to access funds held by the wallet…because the device does not store private keys, that is what prompted the unhackable claim”

Security researchers, however, claimed that any update by the team would not be able to fix the wallet to make it more secure. This is due to the fact that the flaw is inherent in the architecture of the system.

User dwfogel said:

“If you guys are serious the first thing you need to do is recall the current hardware – it’s inherently insecure.”

User OverSoftNL, one of the first security researchers to attempt hacking the wallet also agreed that it was insecure, stating:

“It is, there is no way to fix this with a firmware update.”

Subscribe to AMBCrypto’s Newsletter

Follow us on Telegram | Twitter | Facebook

Anirudh VK is a full-time journalist at AMBCrypto. He has a passion for writing and interest towards the future of blockchain technology and cryptocurrencies. He does not own any cryptocurrencies currently.


Binance coin pumps by over 6% in an hour; breaks its all-time high

Namrata Shukla



Source: Pixabay

On June 20, Binance coin [BNB], a coin ranked seventh on CoinMarketCap, surged by a massive 6.38% over the past hour. The coin also broke its all-time high and was trading at $36.47, at press time.

Source: Trading view

Source: Trading view

At press time, BNB was being traded at $36.47 with a market cap of $5.097 billion. The 24-hour trading volume of the coin was reported to be $571.64 million, as it spiked by 2.35% over the day. Over the past seven days, the coin noted a rise of 2.03% in its price and continued to rise by 6.38% within the hour.

This hike follows Singapore-based cryptocurrency exchange, KuCoin, listing Binance coin [BNB] and Binance announcing the launch of Elrond project on Binance launchpad. Binance funded the sharding-based public blockchain network in a private funding round, as the company closed the round with $1.9 million. It will be the next project supported by Binance launchpad and the token sale will be carried out in a lottery fashion. The token sale is scheduled to begin from June 22, 00:00 AM [UTC].

The coin was highly traded on Binance exchange with BNB/USDT pair and BNB/BTC pair. BNB/USDT took the first place as it noted a 24-hour trading volume of $137 million, followed by BNB/BTC which reported a volume of $126 million. The third position was taken by LBank exchange, which registered a trading volume of $120 million with BNB/USDT pair.

Subscribe to AMBCrypto’s Newsletter

Continue Reading