Hackers recover $3 million Bitcoin from 2013 wallet through ingenious password crack

Hackers recover $3 million Bitcoin from 2013 wallet through ingenious password crack
фото показано с : cryptoslate.com

2024-6-3 16:55

Hardware hacker Joe Grand and his team successfully recovered $3 million worth of Bitcoin from a software wallet that had been locked since 2013. The project, which Grand described as unlike anything he had worked on, involved reverse engineering a password generator to unlock the wallet. Grand, known for his expertise in hardware hacking, collaborated with his friend Bruno, who is adept at software hacking.

The story began when Michael, the wallet’s owner, reached out to Grand after seeing a video where he had hacked a hardware wallet. Michael had used a password generator called RoboForm to create a highly secure 20-character password, which he then saved in an encrypted text file. However, the partition holding the password became corrupted, rendering the password irretrievable.

Grand and Bruno initially declined the project because brute-forcing a password of that complexity was infeasible. However, a year later, Bruno’s work on reverse engineering another password generator inspired them to reconsider. They decided to attack the RoboForm program itself rather than the password, discovering that older versions of RoboForm were vulnerable in their randomness generation.

The process began with reverse engineering tools like Cheat Engine and Ghidra. Cheat Engine allowed them to search through the running program’s memory to identify where the generated password was stored, giving them confidence that they were targeting the correct part of the program. They then used Ghidra, a tool developed by the NSA, to decompile the machine code into a more understandable format. This step was crucial as it helped them locate the code responsible for generating the password.

Their breakthrough came when they found that the system time influenced the generated passwords. By manipulating the time values, they could reproduce the same password multiple times. This indicated that the randomness of the password generator was not entirely secure in older versions of RoboForm.

Grand and Bruno wrote code to control the password generator, effectively wrapping the original function to manipulate its output. This involved setting the system time to various values within the suspected timeframe when Michael generated the password. They generated millions of potential passwords, but initial attempts to unlock the wallet failed.

The team faced numerous challenges, including repeated system crashes and extensive debugging sessions. Their persistence paid off when they adjusted their approach, realizing that Michael’s recollection of the password parameters might be inaccurate. Based on revised parameters, which included only numbers and letters, excluding special characters, they generated a new set of passwords.

This new approach proved successful. Within minutes of running the updated code, they produced the correct password, allowing them to access Michael’s Bitcoin. This success brought relief and joy to Michael and demonstrated the profound impact of innovative problem-solving and collaboration in cybersecurity.

Grand’s innovative approach highlights the complexities and potential vulnerabilities of software-based security systems, emphasizing the importance of secure random number generation in cryptographic applications. This project recovered significant assets and showcased the collaborative power of combining hardware and software hacking expertise.

Further, it highlights why it may be essential to rotate passwords generated before specific software upgrades when using password generators. Grand’s YouTube channel showcases countless ways he has helped users recover lost Bitcoin and crypto from devices like Ledger, Trezor, and others.

The post Hackers recover $3 million Bitcoin from 2013 wallet through ingenious password crack appeared first on CryptoSlate.

Similar to Notcoin - Blum - Airdrops In 2024

origin »

Atomic Wallet Coin (AWC) на Currencies.ru

$ 0.0400618 (+0.00%)
Объем 24H $5.896k
Изменеия 24h: 5.74 %, 7d: 14.29 %
Cегодня L: $0.0359365 - H: $0.0407148
Капитализация $424.802k Rank 2160
Цена в час новости $ 0.0568883 (-29.58%)

wallet password grand 2013 had million bitcoin

wallet password → Результатов: 67


Lost And Found: Hackers Successfully Access Decade-Old Bitcoin Wallet, Retrieve $3 Million

In an extraordinary turn of events, two hackers have successfully cracked the long-forgotten password of a digital wallet, leading to the recovery of approximately $2 million worth of Bitcoin (BTC).   Lost Bitcoin Fortune Unlocked As reported by Wired, the story began in 2013 when an individual known by the alias “Michael” securely stored his Bitcoin holdings in a password-protected digital wallet.

2024-5-31 03:00


Zimbabwe’s Golix Crypto Exchange Founder Claims to Have Lost Password To Bitcoin’s Cold Wallet

Crypto investors and worshippers in Zimbabwe were left in shock after learning that the founder and CEO of a leading crypto exchange in Zimbabwe, Golix, had lost the password to its cold wallet. According to Cointelegraph, the CEO of Golix, Tawanda Kembo, reportedly misplaced the password last year in May. Cointelegraph quoted a local news […]

2019-11-3 20:03


Фото:

Young Guy Tortured by His Friends to Get The Password to His Crypto Wallet

A group of young professional men was accused by Manhattan District Attorney’s Office of breaking into a friend’s apartment and torturing him in order to gain access to his wallet. According to an article from the NY Post, the group of friends went to drink and have fun, and after the victim was drunk, the […] The post Young Guy Tortured by His Friends to Get The Password to His Crypto Wallet appeared first on Ethereum World News.

2018-11-8 05:45