A team of hackers has successfully unlocked a Bitcoin wallet containing $3 million after its owner forgot the password for 11 years. The wallet, which held 43.6 BTC, was protected by a complex password generated by RoboForm, a password manager. The owner, who wishes to remain anonymous, had lost access to the wallet in 2013.
Key Takeaways
- A Bitcoin wallet containing $3 million was unlocked after 11 years.
- The wallet’s owner had forgotten the password, which was generated by RoboForm.
- Electrical engineer Joe Grand, known as ‘Kingpin,’ led the hacking effort.
- The password was recreated by manipulating the time settings of the password generator.
The Forgotten Fortune
In 2013, the anonymous owner created a password using RoboForm, a password manager known for generating complex passwords. The password was a mix of 20 upper and lower case letters and numbers. Due to security concerns, the owner stored the password in an encrypted file rather than with RoboForm. Unfortunately, the encrypted file became corrupted, and the owner lost access to the wallet.
At the time, the Bitcoin in the wallet was worth a few thousand dollars. However, as the value of Bitcoin skyrocketed over the years, the lost fortune grew to nearly $3 million. Desperate to recover his assets, the owner reached out to Joe Grand, an electrical engineer and hacker known for his expertise in recovering lost cryptocurrency.
The Hacking Process
Joe Grand, who goes by the handle ‘Kingpin,’ initially turned down the request but later decided to take on the challenge. Grand used a reverse engineering tool developed by the US National Security Agency (NSA) to disassemble the RoboForm password generator’s code. He discovered that the passwords generated by the older version of RoboForm were not entirely random and could be recreated by manipulating the time settings.
Grand and his colleague Bruno worked tirelessly to generate millions of potential passwords. They focused on the time frame around when the password was likely created. After several failed attempts, they successfully recreated the password by setting the time back to May 15, 2013.
The Outcome
Once the password was cracked, the owner regained access to the wallet, which now held 43.6 BTC. Grand and his team received a portion of the Bitcoin as a reward for their efforts. The owner sold some of the Bitcoin at $62,000 per coin, retaining 30 BTC worth approximately $2 million. He plans to sell the remaining Bitcoin when the price reaches $100,000 per coin.
Future Implications
The success of this hacking effort highlights the importance of secure password management and the potential vulnerabilities in older software versions. RoboForm has since updated its platform to improve the randomness of its password generator, making similar hacking attempts less likely in the future.
Joe Grand hopes to continue helping others recover lost cryptocurrency but acknowledges that new approaches may be needed as security measures evolve. "If this project required hacking time, what dimension are we going to have to hack next?" he pondered.
This remarkable story serves as a cautionary tale for cryptocurrency owners to ensure their passwords are securely stored and backed up to avoid similar situations.
Sources
- Hackers finally unlock $3 million Bitcoin wallet after man forgot password for 11 years, UNILAD.
- Researchers ‘hack time’ to recover $3 million bitcoin wallet | The Independent, The Independent.
- A man got $3 million in Bitcoin back after he lost his password, Quartz.
- How Bitcoin Hackers Recovered $3 Million From Wallet Locked In 2013, Forbes.
