John Mcafee’s Bitfi Wallet Hacked!


Will he pay up?


the saga is still ongoing. McAfee offered ‘ask cybergibbons’ to stay at his house and hack his own wallet which has 20 million in crypto on it. if he can hack it, he gets the 20 mill.

cyber countered by asking the wallet be sent to him instead of staying at Mcafee’es house.

the stand off continues!


In the article it say’s McAfee offered a $250,000 bounty for anyone who could successfully carry out an attack on the wallet that will result with the theft of the coins.

Bitfi did not pay out the bug bounty because the attack demonstrated by the researchers was outside the scope of the bounty.


That was the previous attempt this latest one looks like it fits within the scope of the bounty!


they wont be able to extract the coins from his wallet.

theres two attack vectors,

  1. requires stealing a wallet that is still powered on and recently had its phrase typed in. thats the ‘cold boot’ method
  2. requires stealing a wallet, modifying its gizzards so it sends your keys to a remote server while you type them in, then replacing the wallet without you ever knowing.

if number 1 is actually legit, he could potentially steal McAfee’s 20 mill if he allowed access to the wallet right after it was used.


i still dont believe McAfee should have to pay up, nobody stole the crypto on his wallet. Played games, sure, but nobody stole crypto.


To understand it better…so the hackers typed in the passwords and had to turn it off and in some short time they connect it to the computer and could hack the password? It the time is too long, they can’t hack it, do I get it right?


If your talking about scenario one, the wallet literally has to be on when stolen, and been used so the phrase is in the RAM