Topics: Cryptocurrency, Bitcoin, Technology, Money
A team of hackers have finally unlocked a $3 million Bitcoin wallet after a man forgot his password for 11 years.
I mean, forgetting your password is certainly a pain, but it's usually not the end of the world.
But to forget your password for a whopping $3 million Bitcoin wallet? Well, that is pretty devastating.
Thankfully, however, security researchers have cracked a password to recover the massive amounts of money after it had been stuck in crypto wallet for 11 years.
Advert
Electrical engineer Joe Grand, who goes by the handle ‘Kingpin’ online, was hired to hack into an encrypted file holding 43.6 BTC.
The high worth of cryptocurrency was protected by a password created by a random password generator called Roboform - but the password had since been lost.
The anonymous owner worried that someone would hack his computer and obtain his password - ultimately gaining access to his cryptocurrency.
"At [that] time, I was really paranoid with my security,” he said.
So, the owner asked Grand for his help, after he became known in the community in 2022 for helping another crypto owner recover access to over $2 million in cryptocurrency he thought he'd lost forever.
Grand says dozens of people have previously contacted him to ask for help with recovering lost treasure.
However, Grand decided to turn a lot of them down for various reasons, but decided to help this particular anonymous owner with his quest.
In a YouTube video published by Grand, the wallet's owner said: "I generated the password, I copied it, put it in the passphrase of the wallet, and also in a text file that I then encrypted."
At the time of the owner losing access to the account, the Bitcoin worth stood between $3,000 and $4,000.
But as the price of bitcoin had risen by more than 20,000 percent, the owner decided to reach out to Grand.
So, Grand used a tool developed by the US National Security Agency (NSA) to disassemble the password generator’s code.
He said: "In a perfect world, when you generate a password with a password generator, you expect to get a unique, random output each time that no one else has.
"[But] in this version of RoboForm, it was not the case.
"While RoboForm’s passwords appear to be randomly generated, they’re not. With the older versions of this software, if we can control the time, we can control the password."
Grand was able to trick the system by changing the time back to 2013 when the password was generated, and after a few failed attempts, it ultimately led to the same password being recreated.
The hacking expert then worked with his colleague Bruno to generate millions of potential passwords.
He was able to eventually crack the code - which Grand said to Wired was 'ultimately lucky'.
“We ultimately got lucky that our parameters and time range was right. If either of those were wrong, we would have … continued to take guesses/shots in the dark.” he told them in an email.
