Bitfi Hardware Wallets Not So Safe Anymore Despite ‘Unhackable’ Claims

BTC Wires: In June, BitFi and McAfee had come together to launch the BitFi hardware wallet, a supposedly “unhackable” and supremely secure way for users to store   their cryptocurrencies like bitcoin safely. Dubbing the wallet absolutely “unhackable”, the wallet was backed by the company as being the most secure crypto storage system till date. In August, the company announced two bounty programs, to further its claims about the wallet’s security features and as a fresh proof of their conviction in their product. The first bounty programme offered a whopping sum of $250000 to anyone that can prove that the hardware wallet can be hacked. The second offered  $10000 to anyone that could prove a security breach of the BitFi firmware. The company put out a tweet announcing the bounty, challenging members of the industry to attempt to break into the BitFi security system.

In response, Pen Test Partners did a detailed breakdown of the product, claiming that the BitFi device was merely a cheap version of an Android device, running on a MediaTek MT6850 processor and costing around $35 to make. Then Oversoft revealed that they could easily gain root access, patching the firmware while still successfully connecting to the dashboard. When they provided this proof to BitFi via another Twitter post, BitFi refused to accept it as a breach, saying that merely rooting a device was not akin to hacking it. A security researcher called Ryan Castellico has mocked the device by calling it nothing but a rundown variant of the stock Android device and has challenged the company to send them 3 BitFi devices to Las Vegas Caesar Palace this weekend, so security researchers and enthusiasts can prove that they can hack the device. The company has agreed and the crypto world is looking on with great interest and eagerness to know whether or not the company will be able to keep its word or not.

BitFi has been having a tough time recently with more than just its claims falling flat in the security industry. Despite their denial, it is clear that Castellico and other researchers have found breaches they are confident of taking advantage of and the security of the device seems to have been called to question. A few days back, the company also received the Pwnie For “Lamest Vendor Response”. Clearly, the company is far from being able to prove the conviction it has in its creation.