CEO of Allegedly Compromised Wallet Bitfi Calls Teenage Hacker's Claims 'A Disgrace'

Publié le by Cointele | Publié le

Cryptocurrency hardware wallet manufacturer Bitfi called claims their wallet had in fact been hacked a "Disgrace" in comments to Cointelegraph August 2, as controversy around the company's security prowess builds.

Bitfi and official partner John McAfee had offered a bounty worth $100,000 in July for anyone able to compromise their so-called "Unhackable" hardware wallet.

Photos of the wallet's components drew controversy when they surfaced online last week, commentators voicing concerns Bitfi's claims it had built the "Most sophisticated instrument in the world" had little basis.

On Thursday, those concerns increased after Saleem Rashid, the fifteen-year-old who unearthed a security vulnerability in fellow hardware wallet Ledger in 2017, announced on Twitter he had succeeded in hacking Bitfi's product.

The company appeared not to believe Rashid, arguing his decision not to claim the bounty meant the situation was not all it seemed.

"Please understand that the Bitfi wallet is a major threat to Ledger and Trezor because it renders their technology obsolete So they hired an army of trolls to try to ruin our reputation."

Bitfi's CEO Khesin meanwhile continued the skeptical position towards Rashid, challenging him to accept the money if he had in fact compromised the device.

"Yet he tweeted to the whole world this morning that he hacked into our wallet. I think it's a disgrace for any human being to do such a thing but I will leave to you to judge."

After Rashid created code to 'backdoor' Ledger's wallets back in November 2017, the company released posts describing the events as "NOT critical" and said possible attacks "Cannot extract the private keys or the seed."

Rashid then refuted the claims on social media and a post on his personal blog in March of this year, stating he could still "Autonomously extract the root private key once the user unlocks the device" and use to it instigate manipulation of destination addresses for transactions.

x