Menu

Categories:

Hot right now:

Follow on:

Coinsurges provides coverage of fintech, blockchain, and Bitcoin, delivering the most recent news and analyses on the future of money. Stay up-to-date with live prices, charts, and trading options for the top exchanges. Keep track of the day's top cryptocurrency gainers and losers, as well as which coins have experienced gains and losses in the past 24 hours.
Trust Coinsurges as your go-to source for all news and updates in the industry.

Menu

Categories:

Hot right now:

Follow on:

Coinsurges provides coverage of fintech, blockchain, and Bitcoin, delivering the most recent news and analyses on the future of money. Stay up-to-date with live prices, charts, and trading options for the top exchanges. Keep track of the day's top cryptocurrency gainers and losers, as well as which coins have experienced gains and losses in the past 24 hours.
Trust Coinsurges as your go-to source for all news and updates in the industry.

Hackers recover $3 million Bitcoin from 2013 wallet through ingenious password crack

Share This Post

Hardware hacker Joe Grand and his team successfully recovered $3 million worth of Bitcoin from a software wallet that had been locked since 2013. The project, which Grand described as unlike anything he had worked on, involved reverse engineering a password generator to unlock the wallet. Grand, known for his expertise in hardware hacking, collaborated with his friend Bruno, who is adept at software hacking.

The story began when Michael, the wallet’s owner, reached out to Grand after seeing a video where he had hacked a hardware wallet. Michael had used a password generator called RoboForm to create a highly secure 20-character password, which he then saved in an encrypted text file. However, the partition holding the password became corrupted, rendering the password irretrievable.

Grand and Bruno initially declined the project because brute-forcing a password of that complexity was infeasible. However, a year later, Bruno’s work on reverse engineering another password generator inspired them to reconsider. They decided to attack the RoboForm program itself rather than the password, discovering that older versions of RoboForm were vulnerable in their randomness generation.

The process began with reverse engineering tools like Cheat Engine and Ghidra. Cheat Engine allowed them to search through the running program’s memory to identify where the generated password was stored, giving them confidence that they were targeting the correct part of the program. They then used Ghidra, a tool developed by the NSA, to decompile the machine code into a more understandable format. This step was crucial as it helped them locate the code responsible for generating the password.

Their breakthrough came when they found that the system time influenced the generated passwords. By manipulating the time values, they could reproduce the same password multiple times. This indicated that the randomness of the password generator was not entirely secure in older versions of RoboForm.

Grand and Bruno wrote code to control the password generator, effectively wrapping the original function to manipulate its output. This involved setting the system time to various values within the suspected timeframe when Michael generated the password. They generated millions of potential passwords, but initial attempts to unlock the wallet failed.

The team faced numerous challenges, including repeated system crashes and extensive debugging sessions. Their persistence paid off when they adjusted their approach, realizing that Michael’s recollection of the password parameters might be inaccurate. Based on revised parameters, which included only numbers and letters, excluding special characters, they generated a new set of passwords.

This new approach proved successful. Within minutes of running the updated code, they produced the correct password, allowing them to access Michael’s Bitcoin. This success brought relief and joy to Michael and demonstrated the profound impact of innovative problem-solving and collaboration in cybersecurity.

Grand’s innovative approach highlights the complexities and potential vulnerabilities of software-based security systems, emphasizing the importance of secure random number generation in cryptographic applications. This project recovered significant assets and showcased the collaborative power of combining hardware and software hacking expertise.

Further, it highlights why it may be essential to rotate passwords generated before specific software upgrades when using password generators. Grand’s YouTube channel showcases countless ways he has helped users recover lost Bitcoin and crypto from devices like Ledger, Trezor, and others.

The post Hackers recover $3 million Bitcoin from 2013 wallet through ingenious password crack appeared first on CryptoSlate.

Read Entire Article
spot_img
- Advertisement -spot_img

Related Posts

Tether’s 2-Year, $5 Billion Investment Blitz Fuels US Companies: CEO

Tether, the issuer of the USDT stablecoin, has quietly funneled roughly $5 billion of its earnings into a mix of US businesses and government debt over the past two years It’s putting money where

Dogecoin (DOGE) at Risk — Can Support Hold This Time?

Dogecoin started a fresh decline from the $02540 zone against the US Dollar DOGE is now consolidating losses and might extend losses below $02200 DOGE price started a fresh decline below the $02420

These 5 Top Altcoins Are Like Bitcoin at $1, Stack Now

The post These 5 Top Altcoins Are Like Bitcoin at $1, Stack Now appeared first on Coinpedia Fintech News A crypto analyst has shared his outlook for altcoins in 2025, expecting a classic altcoin

BRICS Bank Fuels Russia’s De-Dollarization Push—Global Finance Faces Reset

Russia is turbocharging its de-dollarization drive through the BRICS Bank, championing non-dollar financing and pushing a multipolar system to disrupt Western dominance in global finance Russia

India’s Crypto Sector Rallies for Tax Change as Trump Spurs Market Optimism

Amid evolving global dynamics, India’s cryptocurrency sector is intensifying pressure on the government for tax relief, capitalizing on what industry leaders see as softening attitudes linked to

Bitcoin Kidnapping Case: Crypto Entrepreneur Arrested For Torture And Extortion

John Woeltz was arrested in New York City on Friday for allegedly kidnapping and torturing a man in an attempt to access his Bitcoin (BTC) password Once celebrated as a rising star in the crypto
You have not selected any currencies to display