In 2013, Michael lost access to his digital wallet containing 43.6 bitcoins due to a hard drive failure, a loss worth only a few hundred dollars at the time. By 2022, he realized that his wallet held a fortune, but he had no way to access it. With the help of hackers, he miraculously regained access to the stored bitcoins.
The Forgotten Password
Michael, who wished to remain anonymous, used the password manager RoboForm to generate a secure password consisting of twenty characters, including letters, numbers, and symbols. He stored this password in a file encrypted with TrueCrypt and saved it on his computer's hard drive. Unfortunately, he didn't back it up, and when the hard drive failed, the password to his digital wallet was lost.
In 2022, realizing the value of his inaccessible bitcoins, Michael sought help from security specialists and hackers, but their attempts were unsuccessful. The challenge of brute-forcing the password was deemed practically impossible.
A Breakthrough in 2023
A year later, Michael contacted two previously approached hackers who had gained experience with other password generators through reverse engineering. They decided to apply their skills to RoboForm.
A crucial clue came from a 2015 changelog on RoboForm's website, noting an improvement in the randomness of its password generator. This suggested that earlier versions, like the one used in 2013, might not have been truly random. The hackers hypothesized that the system time was used as a seed for generating passwords.
By manipulating the system time, they discovered that RoboForm could produce the same password if the same time was used. They created a program to generate possible passwords by incrementally changing the system time, generating around 100 passwords per second.
The Successful Attempt
They generated a batch of passwords for the time period when Michael's password was likely created in 2013, but the initial attempt failed. In a moment of desperation, they reconsidered the possibility that Michael might not have included special characters in his password. Adjusting the parameters, they restarted the process, and on the second attempt, they succeeded.
"We were fortunate that our parameters and time range were correct. If any had been wrong, we would have continued guessing blindly," said Joe Grand of Offspec.io, who led the project. "Pre-calculating all possible passwords would have taken much longer."
The wallet, containing bitcoins worth approximately $3 million (about 67 million CZK), was finally accessible. Without the corrected error in the RoboForm application, accessing the wallet with current methods would have been impossible.
For those interested in the detailed process, Joe Grand, one of the two hackers behind the recovery, has shared a video explaining the breakthrough. This article is based on information from his account.
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“