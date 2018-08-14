John McAfee’s cryptocurrency wallet Bitfi, termed 'unhackable' by him, has been hacked again. Despite various security mechanisms to prevent hackers from penetrating into its accounts, researchers at Pen Test Partners were able to send signed transactions using Bitfi, thereby fulfilling a vital requirement for the hardware wallet’s bounty programme.



Well, that's a transaction made with a MitMed Bitfi, with the phrase and seed being sent to a remote machine.

That sounds a lot like Bounty 2 to me. pic.twitter.com/qBOVQ1z6P2 — Ask Cybergibbons! (@cybergibbons) August 13, 2018

As per a report in The Next Web, in late July, McAfee announced a partnership with Bitfi to promote the security of its new cryptocurrency wallet. However, it seems that the company was prematurely confident about the security of its digital wallet as hackers have been able to penetrate the McAfee Bitfi account numerous times.

A $10,000 reward was announced by John McAfee for anyone who would hack the Bitfi wallet. Researchers are confident that they have fulfilled all the requirements to win the prize. The bounty required anyone to demonstrate three things - ability to modify the device, connect to Bitfi’s servers, and send data from the device.

Researchers were able to gain root access to the device two weeks ago, and they have confirmed that the device was still connected to Bitfi’s servers. To fulfill the last requirement, security researcher Andrew Tierney confirmed that he was able to send the device’s private keys and passphrase to a remote server.

“We have sent the seed and phrase from the device to another server — it just gets sent using netcat, nothing fancy.” said Tierney. “We believe all have been met.”