ETHERLive
ETHERLive delivers real-time price and volume data across 16+ exchanges to users in a clear and easy-to-understand package. Users can get up-to-the-second updates for each exchange/currency pair, as well as aggregated market averages for each exchange, currency, and the market as a whole. It also provides a global converted average of all the currency pairs monitored by ETHNews, converted to USD.

---

24hr ---
--%
Friday Oct 19th 2018
RESOURCES

The Basics

Learn the basics of Ethereum and various cryptocurrency technologies

Learn More

What is Ethereum?

Understand the underlying principles of the Ethereum Platform

Learn More

The Blockchain

Discover the revolutionizing technology known as the blockchain

Learn More
SUBMIT

Press Release

Submit a press release for consideration on ETHNews

Submit Press

Story / Dapp

Submit a story or DAPP to be considered for publication on ETHNews.

Submit Story

Explanation

Submit "Ethereum Explainer" content for consideration to be featured on ETHNews

Submit Topic
ETHNews Logo
---
--%
Home
News
Etherlive
Ether Price Analysis
Resources
Contact Us

McAfee-Backed Bitfi Wallet Offers Hack Bounty, Gets Hacked, Offers Bounty For Better Hack

By

Melanie

Kramer

WriterETHNews.com

The recently released Bitfi cryptocurrency hard wallet came with a $100,000 bounty to hackers who could break its “unhackable” system. No coins have been stolen, but some claim to have hacked the wallet and the bounty has since been raised.

In a June press release, Bitfi, together with security mogul and crypto-enthusiast John McAfee, made a claim most technology makers avoid – that its product was "unhackable."

McAfee said no other security methods were as "epic" as Bitfi's, which "pulled out all the stops to ensure that the private key can never be obtained by illicit means." McAfee then tweeted on July 24:

In response, a number of security and technology companies, including Pen Test Partners, put the wallet to the test and hacked it, though not to the Bitfi's extremely specific requirements.

As noted by Ryan Castellucci, principal security researcher and security engineer at cybersecurity firm White Ops:

"Indeed, you have to be spend $120 on a Bitfi device, and then pay another $10 to 'preload it with coins' to even try, and then you specifically have to hack the wallet associated with [the particular] device they send you. If a researcher found, for example, the device had a weak RNG that allowed for key recovery by examining a series of transactions generated by it, they would not win the bounty."

Castellucci went on to "strongly advise against using one of these devices."

On July 31, Bitfi upped the hacker bounty to $250,000. 

Bitfi said the bounty is not to identify vulnerabilities*, as it claims security is "absolute," but to prove that Bitfi is indeed "unhackable."

The bounty has led to a debate, with some calling it a "sham," as the only way the bounty can be claimed is by retrieving the security key from the device, which doesn't actually hold the key.

McAfee continues to dismiss claims that the wallet has been hacked.

Senior data scientist at the AI-driven marketing firm Vertical Leap Henry Carless expressed his frustration:

"This is getting absurd. Either something's 'unhackable' or it's not. Clearly, as evidenced many times over, the Bifi is not."

McAfee is also launching a privacy phone, the "Cloak Phone," and he is still confident about both technologies. Today, he tweeted :

*A second, $10,000 bounty has also been offered to help identify potential security vulnerabilities. This bounty will be given if a hacker can modify the wallet's firmware in a way that still allows the device to connect to the Bitfi Dashboard and allows the hacker to "transmit either private keys or the user's secret phrase to a third party."

Melanie Kramer

Melanie Kramer is a freelance FinTech, blockchain, and cryptocurrency writer based between France and Canada. Melanie has studied, and retains an avid interest in, global politics, business, and economics.

ETHNews is committed to its Editorial Policy

Like what you read? Follow us on Twitter @ETHNews_ to receive the latest John McAfee, bounty or other Ethereum wallets and exchanges news.