CNET también está disponible en español. Analysis: Until someone claims the Bitfi bounty, we won’t know for sure.
When the notorious former antivirus kingpin John McAfee called his Bitfi cryptocurrency wallet “unhackable,” you’d better believe hackers came out of the woodwork to prove him wrong. So far, they haven’t proven him wrong — because Bitfi hasn’t yet received anything it considers proof. But after chatting with Bitfi ops VP Bill Powel and Pen Test Partners security researcher Andrew Tierney (aka Cybergibbons) several times over the past 24 hours, I’m pretty sure it’s safe to say that the Bitfi wallet has been hacked.
That’s enough for me, personally. But it may not be enough for you, particularly because Bitfi did make an interesting point when I chatted with them at length: Bitfi says that no security researcher has actually stepped forward to claim the $250,000 bounty the company’s offering to anyone who can take funds out of its preloaded wallets, nor the $10,000 bounty it’s offering for a man-in-the-middle attack.
“Not a single person has come forward to claim either of the two bounties,” says Powel. And Pen Test Partners’s Tierney conceded that — to his knowledge — that’s actually true.
“None of us have contacted Bitfi to disclose any issues.” As we reported a couple weeks back, security researchers claimed it was impossible to take funds out of a pre-loaded wallet because Bitfi wouldn’t actually send pre-loaded wallets to security researchers. According to Bitfi, that’s not true — and since then, Bitfi appears to have sent three of them to security researcher Ryan Castellucci. Read more from cnet.com…
thumbnail courtesy of cnet.com