Cryptocurrency wallet Bitfi, developed by a team of MGT Capital Investments founder John McAfee, was “converted cheap Android smartphone”. This was announced by software developer Ryan Castellucci.
Bitfi appears to be exactly what it looks like from the photos is a cheap stripped down Android phone. There’s some screenshots of it demanding to be connected to WiFi in order to function elsewhere in @cybergibbons’s feed. Someone will probably have Doom running on it by Friday. https://t.co/cC1pZsahJH
— Ryan Castellucci (@ryancdotorg) 29 Jul 2018
Hackers have begun to carefully examine the device after the promised rewards of $100 thousand for his hacking.
So, they researched a list of directories loaded to the internal memory of the device while turning it on, and found a set of malicious tools Adups FOTA. Their fears was the fact that every 72 hours, the device sends information about text messages, calls, location and application data to a server in China.
Allowing us to dump the file system. pic.twitter.com/bDXJuWB4QM
— Ask Cybergibbons! (@cybergibbons) 30 Jul 2018
Also on the device pre-installed Chinese app Baidu with built-in functionality of tracking Wi-Fi and GPS. The device does not have the internal cold storage, and all the tools users remain on the hot wallet.
At least the Baidu and Adups apps are indeed actively running on the device, including calling home to Baidu and Adups.
The rest of The system/vendor partitions include drivers for removed devices like the camera, tcpdump, adbd and several other debugging binaries.
— OverSoft (@OverSoftNL) 30 Jul 2018
John McAfee has confirmed that the so-called “wallet” is telephonophobia device.
There is no internal storage. The wallet receives its instructions for each coin from our servers.
— John McAfee (@officialmcafee) 30 Jul 2018
“It has no internal storage. Purse receives instructions for each coin from our server”, — he wrote in Twitter.
The researchers summarize that the purse Bitfi no different from any other storage solutions for cryptocurrency in the network as its security is reduced to the ability to transmit private keys and seed-phrase.
It is noteworthy that all of this information the hackers have been using a free tool SP Flash Tool reads the data from the Mediatek chipsets.
Oh so funny John. It is obviously not a phone but a 3.9” touchscreen tablet with. It doesn’t even have a speaker so what on earth are you talking about? Since you claim it’s a phone, why don’t you try to make a call on it and let us know how it goes.
— Bitfi (@Bitfi6) July 31, 2018.
“The device operates in the mode “read only”, that is, data cannot be overwritten. So all the spyware appears to have been loaded yet at the time of issue”, — said they.
Hackers are going to continue the “dry” test devices Bitfi, scanning its contents.
Recall, the cost of the purse Bitfi is $120.