John McAfee’s “unhackable” Bitfi wallet got hacked — again

If the security community could tell you just one thing, it’s that “nothing is unhackable.” Except John McAfee’s cryptocurrency wallet, which was only unhackable until it wasn’t — twice.

Security researchers have now developed a second attack, which they say can obtain all the stored funds from an unmodified Bitfi wallet. The Android-powered $120 wallet relies on a user-generated secret phrase and a “salt” value — like a phone number — to cryptographically scramble the secret phrase. The idea is that the two unique values ensure that your funds remain secure.

But the researchers say that the secret phrase and salt can be extracted, allowing private keys to be generated and the funds stolen.

Using this “cold boot attack,” it’s possible to steal funds even when a Bitfi wallet is switched off. There’s a video below.

on a completely unrelated note, here is a @Bitfi6 being cold boot attacked.

it turns out that rooting the device does not wipe RAM clean. who would have thought it!?

🎶 i feel this music is very appropriate for @Bitfi6 🎶 pic.twitter.com/jpSnYBd9Vk

— Saleem “Unhackable”

 » Read More

Loading...

What do you think?

0 points
Upvote Downvote

Total votes: 0

Upvotes: 0

Upvotes percentage: 0.000000%

Downvotes: 0

Downvotes percentage: 0.000000%

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Loading…

Comments

comments

Hello Kitty has no mouth, and she must vlog

Hello Kitty has no mouth, and she must vlog

A gold mine is buried ‘under the weeds’ at Amazon — here’s why it could take the company beyond the $1 trillion mark (AMZN)

A gold mine is buried ‘under the weeds’ at Amazon — here’s why it could take the company beyond the $1 trillion mark (AMZN)