John McAfee’s Unhackable Bitcoin Wallet Is Hackable, Company Admits
Screenshot by Sean Hollister/CNET
Two weeks ago, it seemed safe to say that John McAfee’s supposedly “unhackable” cryptocurrency wallet had been hacked. (It’s been nearly four weeks since the first security researchers reached that conclusion.)
But it’s only today, in the wake of yet another hack (more details at the link), that wallet-maker Bitfi has decided to admit defeat.
In an announcement on Twitter, the company says it will be removing the “unhackable” claim effective immediately, and the company is also admitting that researchers have identified vulnerabilities.
“We took this step to stop the negativity and the anger on social media which was not healthy,” the company told CNET by email.
When we asked, Bitfi wouldn’t say whether it will award the $250,000 or $10,000 bounties it offered to those who could prove they’d been able to hack the wallet — the company says it will make a “comprehensive public statement” on all issues, including the bounty payments, next week.
Bitfi intends to try to fix the wallet by addressing those issues rather than recalling the product or stopping sales. “Whatever issues we discover will be patched for all customers via our push updates,” the company tells CNET.
on a completely unrelated note, here is a @Bitfi6 being cold boot attacked.
it turns out that rooting the device does not wipe RAM clean. who would have thought it!?
? i feel this music is very appropriate for @Bitfi6 ? pic.twitter.com/jpSnYBd9Vk
— Saleem “Unhackable” Rashid (@spudowiar) August 30, 2018
The tweet also contains something of an apology: “While our intention has always been to unite the community and accelerate the adoption of digital assets worldwide, we realize that some of our actions have been counterproductive to that goal.”
McAfee didn’t immediately respond to a request for comment. He had typically weighed in on Twitter after each previous hack to claim they weren’t actually hacks, but he hasn’t tweeted in the past seven hours.
Update, 4:28 p.m. PT: With additional comments from Bitfi.
READ MORE HERE