Hackers recover $3 million Bitcoin from 2013 wallet through ingenious password crack

Share This Post

Hardware hacker Joe Grand and his team successfully recovered $3 million worth of Bitcoin from a software wallet that had been locked since 2013. The project, which Grand described as unlike anything he had worked on, involved reverse engineering a password generator to unlock the wallet. Grand, known for his expertise in hardware hacking, collaborated with his friend Bruno, who is adept at software hacking.

The story began when Michael, the wallet’s owner, reached out to Grand after seeing a video where he had hacked a hardware wallet. Michael had used a password generator called RoboForm to create a highly secure 20-character password, which he then saved in an encrypted text file. However, the partition holding the password became corrupted, rendering the password irretrievable.

Grand and Bruno initially declined the project because brute-forcing a password of that complexity was infeasible. However, a year later, Bruno’s work on reverse engineering another password generator inspired them to reconsider. They decided to attack the RoboForm program itself rather than the password, discovering that older versions of RoboForm were vulnerable in their randomness generation.

The process began with reverse engineering tools like Cheat Engine and Ghidra. Cheat Engine allowed them to search through the running program’s memory to identify where the generated password was stored, giving them confidence that they were targeting the correct part of the program. They then used Ghidra, a tool developed by the NSA, to decompile the machine code into a more understandable format. This step was crucial as it helped them locate the code responsible for generating the password.

Their breakthrough came when they found that the system time influenced the generated passwords. By manipulating the time values, they could reproduce the same password multiple times. This indicated that the randomness of the password generator was not entirely secure in older versions of RoboForm.

Grand and Bruno wrote code to control the password generator, effectively wrapping the original function to manipulate its output. This involved setting the system time to various values within the suspected timeframe when Michael generated the password. They generated millions of potential passwords, but initial attempts to unlock the wallet failed.

The team faced numerous challenges, including repeated system crashes and extensive debugging sessions. Their persistence paid off when they adjusted their approach, realizing that Michael’s recollection of the password parameters might be inaccurate. Based on revised parameters, which included only numbers and letters, excluding special characters, they generated a new set of passwords.

This new approach proved successful. Within minutes of running the updated code, they produced the correct password, allowing them to access Michael’s Bitcoin. This success brought relief and joy to Michael and demonstrated the profound impact of innovative problem-solving and collaboration in cybersecurity.

Grand’s innovative approach highlights the complexities and potential vulnerabilities of software-based security systems, emphasizing the importance of secure random number generation in cryptographic applications. This project recovered significant assets and showcased the collaborative power of combining hardware and software hacking expertise.

Further, it highlights why it may be essential to rotate passwords generated before specific software upgrades when using password generators. Grand’s YouTube channel showcases countless ways he has helped users recover lost Bitcoin and crypto from devices like Ledger, Trezor, and others.

The post Hackers recover $3 million Bitcoin from 2013 wallet through ingenious password crack appeared first on CryptoSlate.

Read Entire Article
spot_img
- Advertisement -spot_img

Related Posts

Vaneck’s Matthew Sigel Sets Bitcoin Target at $180,000

Matthew Sigel, head of digital assets research at Vaneck, projects a significant upward trajectory for bitcoin, setting a target price of $180,000 Bitcoin Could Reach $180,000 by Next Year, Says

Ex-TD Ameritrade CEO says Bitcoin is ‘here to stay,’ foresees significant growth

Joe Moglia, former CEO of TD Ameritrade, projected that Bitcoin (BTC) is primed for substantial growth, reinforcing its position as a vital asset in the global financial landscape Moglia made the

Bitcoin Price And The Trump Effect: Here’s What Happened The Last Time Donald Trump Was President

The Bitcoin price has soared to a new all-time high, driven by the bullish sentiment generated by the Donald Trump effect following the just-concluded US Presidential elections The last time Trump

Solana Surges As Momentum Resumes, Is $240 the Next Stop?

Solana (SOL) is gaining momentum once more, with bullish energy pushing it higher as it aims for the next major resistance at $240 Following recent consolidations, SOL has surged onto traders’

Coinbase Acquires Utopia Labs Team to Accelerate Onchain Payments

Coinbase is enhancing its onchain payments capabilities with the acquisition of the Utopia Labs team, which will join Base to advance the onchain payments roadmap within Coinbase Wallet Jesse Pollak,

Crypto Legal Battle: 18 States Accuse SEC Of Unconstitutional Regulatory Actions

In a significant challenge to the US Securities and Exchange Commission (SEC) and its regulatory approach toward the crypto industry, 18 states have filed a lawsuit against the agency and its