X

John McAfee's 'unhackable' Bitcoin wallet is hackable, company admits

The man himself hasn't weighed in yet.

Sean Hollister Senior Editor / Reviews
When his parents denied him a Super NES, he got mad. When they traded a prize Sega Genesis for a 2400 baud modem, he got even. Years of Internet shareware, eBay'd possessions and video game testing jobs after that, he joined Engadget. He helped found The Verge, and later served as Gizmodo's reviews editor. When he's not madly testing laptops, apps, virtual reality experiences, and whatever new gadget will supposedly change the world, he likes to kick back with some games, a good Nerf blaster, and a bottle of Tejava.
Sean Hollister
2 min read
john-mcafee-burning-money

John McAfee. No, this is not a photoshop -- he actually burned the money.

Screenshot by Sean Hollister/CNET

Two weeks ago, it seemed safe to say that John McAfee's supposedly "unhackable" cryptocurrency wallet had been hacked. (It's been nearly four weeks since the first security researchers reached that conclusion.)

But it's only today, in the wake of yet another hack (more details at the link), that wallet-maker Bitfi has decided to admit defeat.

In an announcement on Twitter, the company says it will be removing the "unhackable" claim effective immediately, and the company is also admitting that researchers have identified vulnerabilities.

"We took this step to stop the negativity and the anger on social media which was not healthy," the company told CNET by email.

When we asked, Bitfi wouldn't say whether it will award the $250,000 or $10,000 bounties it offered to those who could prove they'd been able to hack the wallet -- the company says it will make a "comprehensive public statement" on all issues, including the bounty payments, next week.

Bitfi intends to try to fix the wallet by addressing those issues rather than recalling the product or stopping sales. "Whatever issues we discover will be patched for all customers via our push updates," the company tells CNET.  

The tweet also contains something of an apology: "While our intention has always been to unite the community and accelerate the adoption of digital assets worldwide, we realize that some of our actions have been counterproductive to that goal." 

McAfee didn't immediately respond to a request for comment. He had typically weighed in on Twitter after each previous hack to claim they weren't actually hacks, but he hasn't tweeted in the past seven hours.

Update, 4:28 p.m. PT: With additional comments from Bitfi.