Hackers cracked a 2 million USD virtual currency wallet

Dan Reich reached out to a hacker to help him crack a $2 million virtual currency wallet because he forgot his password.

Reich and a friend used $50,000 worth of Bitcoins to buy a new cryptocurrency called Theta tokens, worth 21 cents per coin, then stored them in the Trezor hardware wallet and set up a pin code. . However, because of busy life, they forgot the password.

Hackers cracked a virtual currency wallet worth 2 million USD

After 12 incorrect password attempts, they give up, not wanting to get too close to the 16th guess because if wrong, the wallet will automatically delete all of its data.

Reich decided to forget about the amount until 2020 when the token started to appreciate, causing the value of the wallet to skyrocket. In February 2021, when the wallet was worth $ 2.5 million, he met Joe Grand, a hacker nicknamed Kingpin, after a long time of searching.

Grand is an electrical engineer and inventor who has been hacking hardware since he was 10 years old, a member of the famous hacker group L0pht. In 1998, Grand presented to the US Senate about a vulnerability that could be used to bring down the Internet or allow intelligence agencies to spy on traffic. In 2008, he co-hosted Discovery Channel’s “Prototype This” show. Currently, he is teaching hardware hacking to organizations and companies that design complex systems, wishing to learn how hackers attack their products.

Grand has a lab in Portland, he bought several wallets identical to Reich’s and installed the same firmware on them. Reich said he did not expect the unlocking process to be so complicated, taking more than three months of testing with failures, successes and heart-pounding moments.

Finally, in May 2021, when Grand said he was ready to deploy a computer program that could unlock the wallet, Reich flew right from New Jersey to Portland to give the wallet to Grand. After nearly three and a half hours of nervous waiting, Grand succeeded. A key and a five-digit PIN will appear on the screen. Reich and his friends have thus acquired $2 million. Reich immediately moved Theta tokens out of their account and sent a portion of the spoils to Grand.

Cases like Reich are not uncommon. Cryptocurrency data firm Chainalysis estimates that more than 3.7 million Bitcoins worth $66.5 billion may have been lost to a variety of reasons, such as the computer or phone hosting the software wallet being stolen or experiencing an accident. failure and the wallet cannot be recovered, the owner accidentally throws away their hardware wallet or forgets the PIN, or dies without passing the information on to family members.

Grand continues to look for people in similar situations to help them open their wallets. Grand not only wants to crack the wallets, but also wants to make them more secure. He intends to report the security holes he finds to the vendor when they are patched so that criminals and bad guys can’t exploit them.

Trezor wallets can continue to be attacked by other hacking techniques. Grand is working on a new method to hack the STM32 microcontroller used in the wallet. It will work even on wallets with the latest firmware installed, which is more protected. However, he said he would not make the details public because the sphere of influence could extend beyond wallets.

Huong Dung(According to BI, The Verge)

Do not want personal information stolen online, what to do?

Do not want personal information stolen online, what to do?

According to an FBI report, cybercrime caused $4.1 billion in damage in 2020, an increase of 17% compared to 2019.


Leave a Reply

Your email address will not be published. Required fields are marked *