Apparently, John McAfee’s Bitfi bitcoin wallet has been hacked following a $250,000 hacking challenge made by its developer. Bitfi, which has promoted the wallet as “unhackable,” together with promoter John McAfee is yet to make comments regarding a post from security research group OverSoftNL, where is stated to have acquired root access.
The tweet at the center of attention was posted yesterday, by Oversoft and it states:
“Short update without going into too much detail about BitFi: We have root access, a patched firmware and can confirm the BitFi wallet still connect happily to the dashboard. There are NO checks in place to prevent that like claimed by BitFi.”
Bitfi was not quick to comment on the tweet but later seemed to made reference to it in the following post.
In a later tweet on the same thread, Oversoft blamed Bitfi for using its $250,000 bounty as a marketing tool, stating it would not hand over any data regarding security vulnerabilities as of now.
Similar to its promoter, Bitfi has made a bit of a reputation as a confident and sometimes brash self-promoter, stating on numerous occasions that the hardware wallet is unhackable and even promising a cash offer to anyone that could be able to hack it.
From $100,000, this offer rose to $250,000 as John McAfee intensified the situation reacting to disapproval from security researchers. To make things more attractive, Bitfi went ahead to specify that the offer was not meant to help it identify security weaknesses, stating that its stance of being “unhackable” was outright.
From that point, a dispute broke out between Bitfi and a number of security researchers who found faults in Bitfi’s claims. Ryan Castellicco was reportedly quoted saying that Bitfi is “a cheap stripped down Android Phone” that he would “strongly advise against using.”
Another group of researchers went ahead to blame Bitfi for protecting questionable apps on its device such as Chinese search engine Baidu and the Adups malware, both of which they claim usually “called home.”
As a response, Bitfi released a detailed rejection of these claims, blaming Oversoft of working for its competitors and repeating its $250,000 offer.
But yesterday, from the look of things, Oversoft seem to have evidence that proves their claims, citing that the apps in the discussion really track and monitor on users, different to what Bitfi claimed.
If in any case Bitfi was actually hacked, it is still unknown the response of Bitfi and McAfee.