On July 27th, John McAfee challenged the crypto community and hackers around the world to try to hack the BitFi hardware portfolio. McAfee has more or less affirmed on several occasions that no one can steal the blocked funds in the hardware portfolio, thus making it inaccessible. The extra size for anyone who could hack the device was $ 100,000 but McAfee raised the jackpot to $ 250,000 only 4 days later through the following tweet:
We are increasing the size for hacking the https: // t portfolio. co / VJ7qrOxQqL for $ 250,000. The rules require you to empty the contents of a BitFi wallet that we have pre-loaded and sent to you. You have to pay the wallet and its contents. Rules on https://t.co/jUUVmH77Mg
– John McAfee (@officialmcafee) 31st July 2018
Alleged trick of the BitFi Wallet
Less than a day later McAfee increased the size, @OversoftNL an "IT geek" from the Netherlands, claimed to have successfully obtained root access to the BitFi portfolio. He made the announcement via Twitter of stating the following :
Brief update without too many details about BitFi:
We have root access, a firmware with patches and we can confirm that the BitFi wallet is it still connects happily to the dashboard.
There are no checks in place to prevent this from being requested by BitFi.
There was no official statement from the BitFi team. Since then they have announced a second size on its website that now pays $ 10,000. The new size is intended to help the BitFi team identify potential security vulnerabilities in encrypting the firmware of the BitFi device. The announcement of the BitFi team continues by adding:
We would like to ask security researchers in the digital resource community to help us with this project.
The rules for claiming the size:
- The firmware of the Bitfi device has been changed
- After the firmware has been modified, the device still has to connect to the Bitfi Dashboard
- The device should therefore be able to transmit the private keys or the secret phrase of the user to a third party while still working normally with the Bitfi dashboard
Please contact [email protected] if you wish to participate. We would appreciate any kind of assistance on this project from the infosec community. This size will be terminated after the first person identifies this security weakness.
@OverSoftNL published the first size as a sham and that the whole is a marketing strategy.
Their first size is a fiction. I and many others have already explained this: it is set up so that it is impossible. Now if we could take the wallet and return it and then allow it to use it, it would be a different story.
– OverSoft (@OverSoftNL) 2 August 2018
They deny everything that is not exactly according to their generosity rules, that is: they will never pay a price. It is pure marketing.
– OverSoft (@OverSoftNL) August 1, 2018
In conclusion, the BitField portfolio proved to be 100% inaccessible as stated previously. John McAfee has since gone out to defend the wallet by stating that nobody has had access to money from the wallet. He specifically wrote the following in one of his last tweets :
The hackers claimed to have gotten root access to the BitFi portfolio. Well, of course! So? Root access to a device without write or edit capability. It's useless as a dentist's license at a nuclear power plant. Can you have money on your wallet? No. This is what matters.