The John McAfee-backed BitFi hardware wallet has been heavily promoted as “unhackable” due to its “fortress-like security” by the device’s developers and the eccentric crypto enthusiast.
However, some have suggested that the “impenetrable” $120 wallet may not be as secure as McAfee and the BitFi team claim it is.
Mcafee's faith in the device has also grown - originally promising a $100,000 reward to anyone who would be able to hack the BitFi hardware wallet, he has reportedly increased the bounty to $250,000.
$10,000 Bounty For Identifying Security Vulnerabilities
The BitFi development team has announced a $10,000 bounty as well for anyone who can modify the device’s firmware and then successfully connect to the BitFi dashboard. Additionally, the BitFi team requires that the compromised device must be able to send the private keys or secret passphrase (SEED) associated with it to an (external) third party “while still functioning normally with the BitFi dashboard.”
In the past 24 hours a number of crypto enthusiasts appear to have taken on the challenge and Twitter user @cybergibbons, one of McAfee’s most well-known critics, posted what seems to be a picture of the wallet having been opened and tampered with:
To those that say the people hating on Bitfi don't have one in their hands.— Ask Cybergibbons! (@cybergibbons) July 31, 2018
Look at this.
Guess what? The device has no idea it's been tampered with. pic.twitter.com/7pbEyhViFy
@cybergibbons further commented that the device was not “custom designed” and that it resembled a “stripped back, low-end Android phone with parts missing.” The security consultant added that the wallet’s processor was not designed for a “high-integrity device.”
“NO Checks” To Prevent Root Access
Earlier, McAfee and his technical advisor had stated that those who were leaving negative reviews about the BitFi wallet did not even own one or had never used it before. This may have motivated more people to buy the iPhone-like touchscreen device just so that they could try to hack it.
Moreover, @cybergibbons was not the only twitter user who now claims to have compromised the hardware wallet’s security system. User @OversoftNL said that he was able to gain “root access” to the device by modifying its firmware. “There are NO checks to prevent [this] like claimed by BitFi”, @OversoftNL noted.
Soon after these claims surfaced, McAfee responded by tweeting that he would release a “definitive video” tomorrow that would counter all this “nonsense":
Stay tuned. Tomrrow I am putting out a definitive video countering all of the nonsense claims instigated and co-coordinated by BirFi's established, monolithic competitors in the hardware wallet space. I will put this to bed.— John McAfee (@officialmcafee) August 1, 2018