A 15-year-old bedroom hacker has managed to get classic first-person shooterDoomrunning on the allegedly “unhackable” BitFi crypto-wallet touted bytech-evangelist and paid promoterJohn McAfee. Althoughthe Bitcoinsthat the wallet gives access too still appear unaffected by the hack, it doesn’t bode well for the device, which some havedescribed as little more than a modified Android phone.
BitFiis a cryptocurrency device that is designed to provide a hardware portal to a cloud-connected wallet.Bitcoins and other altcoinsaren’t stored on the device itself, but it does facilitate transactions. Although it has drawn some interest from security professionals and crypto-enthusiasts, it garnered most of its attention through affiliation with tech personality, John McAfee, who claimed it was unhackable. He also placed a bounty on it, offering $250,000 to anyone who could hack the device and steal Bitcoin from the cloud-connected wallet.
Within weeks, several hacks of the device had been completed, leading to people modifying its boot screen. Now, a self-described “adversarial thinker” has rooted it completely. Saleem Rashid was able to getDoomrunning on the Bitfi wallet without much difficulty. He has previously shown how it’s possible toextract sensitive information from other hardware wallets, like Trezor.
In recognition of@Bitfi6and@officialmcafeeand their prestigious@PwnieAwardsaccolades, we'd like to show you@spudowiarplaying DooM on his#BitFisecure wallet! Congratulations!pic.twitter.com/50qZZu1MnF
— ☃️ (Parody – not an actual snowman) (@AbeSnowman)July 17, 2025
Although John McAfee has been keen to point out that such hacks do not qualify for the quarter-million-dollar reward, as they have not extracted the coins from the attached cloud wallet, this rooted hack is just the beginning. As “Abe Snowman” alludes to in the replies to the above tweet, there are reasons that security researchers are heading down this path of cracking the device.
The press claiming the BitFi wallet has been hacked. Utter nonsense. The wallet is hacked when someone gets the coins. No-one got any coins. Gaining root access in an attempt to get the coins is not a hack. It's a failed attempt. All these alleged "hacks" did not get the coins.
— John McAfee (@officialmcafee)August 07, 2025
BitFi itself continues to defend the unhackable nature of its device, though it has made some statements to distance itself from McAfee, asPenTestPartners highlights. It also recently fired its social media coordinator after a series of defamatory tweets, which hasn’t left the company in good standing. Indeed, such actions have landed BitFi with a nomination for the“Lamest Vendor” of the year in the Pwnie Awards,which is quite an achievement in itself.
Although the BitFi hasn’t been demonstrably hacked to the point of releasing its bounty Bitcoins, the speed with which the supposedly unhackable and “storage-free” (it actually does have storage) wallet was hacked doesn’t bode well for its future.
