Posted on August 6, 2018 at 12:13 PM
A professional hacker who goes by the name of OverSoftNl on Twitter has reportedly hacked a cryptocurrency wallet that was advertised as unhackable less than a week after its release into the market. He was able to gain root access to the device which was advertised by cybersecurity pioneer John McAfee and BitFi, the creators of the wallet, as having a “fortress-like” security.
Short update without going into too much detail about BitFi:
We have root access, a patched firmware and can confirm the BitFi wallet still connect happily to the dashboard.
There are NO checks in place to prevent that like claimed by BitFi.
— OverSoft (@OverSoftNL) August 1, 2018
The original bounty of $100,000 was raised to $250,000 by McAfee and Bitfi and was supposed to be awarded to the first person who was able to hack the Bitfi wallet, a technological “Titanic” if you will. The challenge also served as a marketing scheme, where hackers were required to purchase a $120 Bitfi wallet. To be able to participate.
OverSoftNL says that by being to gain root access shows that the wallet isn’t as secure as advertised. claims that BitFi refuses to pay the bounty, and goes as far as to say that BitFi doesn’t “have $250,000 free in hand at this moment.”
McAfee, who has had quite a bizarre year, refuses to acknowledge the hack. McAfee claims that gaining root access isn’t even considered a hack. McAfee tweeted,”can you get the money on the wallet? No. That’s what matters.”
Hackers saying they have gained root access to the BitFi wallet. Well whoop-de-do! So what? Root acces to a device with no write or modify capability. That's as useless as a dentist license un a nuclear power plant. Can you get the money on the wallet? No. That's what matters.
— John McAfee (@officialmcafee) August 2, 2018
BitFi appears to have taken pointers from POTUS Trump, denying all allegations and accusing OerSoftNL of working with competitors of BItifi. BitFi also put up a second bounty, this one for $10,000. McAfee doesn’t appear to be associated with the second bounty, which is supposed to simulate a scenario in which a customer has their BitFi wallet stolen, modified, and then returned.
As if the scandal wasn’t bad enough for BitFi and McAfee, Ryan Castellucci who works for WhiteOps as a security researcher, described the BitFi wallet as a “cheap, stripped down Android” device. To make matters worse, a different group of researchers pointed out that the use of Baidu as the search engine and incorporation of Adups spyware make the BitFi wallet that much less wholesome.
BitFi has yet to comment on the matter, even after multiple requests from different news outlets.
Will OverSoftNL receive what seems to be rightfully owed? Will McAfee admit the hack and work to better the system? Will BitFi persevere? We can’t be certain of any of it.
What we are certain if is that we’re uncertain if Bitfi was actually hacked. We’re even more uncertain if BitFi would be willing to admit to the hacking if it really did occur. As for John McAfee? He may very well keep arguing that the BitFi has yet to be hacked. Either way, the controversy isn’t good for business. Not for BitFi’s business, and not for John McAfee’s business.