Source: Overseas Student Uncle
In 2022, a man named Michael from Spain was troubled by a difficult problem.
As early as 2013, he bought 43 Bitcoins for a total of $5,300, when Bitcoin was not yet popular.
He then stored these coins in an electronic wallet, and to prevent theft, he used a password software to generate a random password that was 20 digits long.
Michael was worried that saving this password with the same software was not secure enough, and if it was cracked by hackers or the computer was lost, the other party could find the password and withdraw his Bitcoins.
So, he cleverly pasted this long password in a document, making it unrecognizable. He also set a password for this document and encrypted it.
After this layer of encryption, Michael thought he had an impregnable Bitcoin account password, and he just had to wait for Bitcoin to rise in price to withdraw it.
Unexpectedly, Michael finally fell into his own trap - the encrypted document containing the password mysteriously broke down and could not be opened, and the 20-digit password could not be pasted out.
At the same time, he watched helplessly as the value of Bitcoin rose from the past $123 per coin to over $30,000 per coin.
«I have this fortune, I can see it, but I cannot use it, because I don't have the password.»
Over the past years, Michael has been looking for various password cracking experts to see if anyone can help him recover the random password generated by the software that year.
But countless cybersecurity experts have told Michael: A 20-digit random password?! Forget about your Bitcoins, they'll never be recovered.
Hearing this bad news, Michael once thought he would never be able to get his hands on this huge fortune in his lifetime.
Until 2022, he learned through the internet about an American hacker named JOE Grand, and then Michael sought help from JOE.
JOE is a world-renowned hardware hacker, as well as an electrical engineer and inventor, with a hacking history that can be traced back to when he was 10 years old.
He is recognized by the mainstream, and also provides consulting services to system developers on how they should defend against hackers like him...
JOE also has experience in helping two strangers recover lost cryptocurrency passwords.
One time, the other party had thrown the USB drive containing the password into a lake, and after the diver recovered it, JOE was able to restore the functionality of the USB drive through a series of physical means, allowing the other party to find the password stored inside as if the USB drive had never been lost.
The other time was about password cracking, where a family member had unexpectedly passed away, and before his death, he had told his brother that the Bitcoin password might be related to their grandmother's name, so JOE helped with a "brute force search" around this clue, trying hundreds of millions of combinations...
In 2022, Michael contacted JOE through the internet, but JOE did not agree as he had in the past.
The reason is also not complicated: JOE is a hardware hacker, and is not good at dealing with passwords randomly generated by software.
At the same time, helping people recover cryptocurrency passwords is not his specialty and interest, no matter how high the price the other party offers.
So, JOE flatly rejected Michael's request that year.
But last summer, when Michael was in despair and found JOE again, JOE agreed to give it a try.
This time, it was not because JOE softened his heart to agree to Michael, but because his German partner, a young software hacker, proposed that they had a certain probability of recovering Michael's lost password.
The young hacker's name is Bruno, a German who specializes in software vulnerabilities, and like JOE, Bruno has been extremely interested in finding security vulnerabilities in systems and software since he was a child.
Bruno often receives requests from people seeking help with lost cryptocurrency passwords, but a case like Michael's is the first he has seen.
He proposed to JOE that they might have a chance to try, and the two genius hackers were both extremely interested in these difficult but faintly hopeful projects.
JOE flew to Europe to meet with Bruno and Michael.
The random password that Michael generated that year was through a software called "RoboForm", which is one of the earliest random password generators in the world and is still in use today.
JOE and Bruno tested this software and found that it can generate completely different passwords at any given time.
For the two of them, finding JOE's random password that year is like finding a needle in a haystack:
"If we have to try all possible password combinations, that's equivalent to a trillion times the number of water droplets in the world.
If we imagine a password as a drop of water, we'll find that it may be flowing at the bottom of a river, it may be falling from the sky, it may be in any ocean in the world.
If we can somehow reduce this situation, then we can turn this insurmountable problem into something we can succeed at."
After understanding the working principle of RoboForm, they began to look for clues that could narrow the search range along the timeline.
They soon noticed that in the timeline of software version updates, the update notes for the 2015 version were a bit suspicious:
"We have increased the randomness of password generation."
This sentence made the two genius hackers suspicious: Increased randomness??
Does this mean that the passwords generated before 2015 were not as random??
As computer hardware and software geniuses, Joe and Bruno have always known that it is actually "extremely difficult" for a computer to constantly generate a truly "completely random" string of numbers, and many random numbers are often related to some reference parameters:
"If we can manipulate this 'randomness', we may be able to get a predictable output that can be used to try to crack Michael's wallet password."
But now it's 2023, how can we go back to 10 years before Michael created the password and make the software mimic Michael's actions from that year?
At this point, the expertise of the two people became evident: they reverse-engineered the software, not only reverting the software version to the 2013 version, but also tampering with the system data to make the software believe it was executing a command from a user in 2013:
"We can deceive the system back to 2013, and it will think we are still within the time window when Michael generated the password."
Riding the "time machine" back to about 10 years ago, the two also used a software tool that the U.S. National Security Agency is also using to try to figure out the pattern of the passwords generated in the past:
"This software is like a Russian doll. Our target is the little doll in the middle that generates the password."
Through calculation and testing, the two were pleasantly surprised to find: the random password generation back then did have a pattern, and that pattern was the system time!
It turned out that in 2013, this software would generate a "pseudo-random password" strictly tied to the user's password creation time, and each moment's password was directly related to the creation time.
Obtaining the clue that the password is related to the time when Michael created the password, Joe and Bruno were very excited.
This means: their search range can be greatly reduced, as long as they know the day and approximate time when Michael created the random password, they can calculate a limited number of passwords and try them one by one.
But unexpectedly, Michael couldn't even remember which month and day he opened the software 10 years ago to generate the Bit password...
Joe and Bruno did not lose heart, and further patiently investigated.
They found out the time when Michael deposited the Bit into the electronic wallet: April 2013.
Logically, Michael should have created the random password a few months before and after this date. So Joe and Bruno set the search time to March to the end of April of that year.
They discussed and calculated through the night, waiting for the computer to run the results, but the results disappointed them: none of the results could unlock Michael's Bit account.
Helplessly, they contacted Michael again and asked him to carefully recall the exact date.
But Michael was also confused, after all, who can remember something that happened 10 years ago so clearly?
However, this time Bruno asked Michael to send him the other passwords Michael had created through this software that year. Joe and Bruno hoped to find some clues from the other passwords Michael had created using the same software.
The two found that Michael's other two passwords did not contain any special characters (¥..., & and the like).
Whether special characters appear in the random password can be set by the user themselves, Joe and Bruno, with a glimmer of hope, removed the option of special characters in the search range and extended the search time to June 1, 2013.
And in an ordinary early morning, a specific string of characters composed of numbers and letters suddenly popped up on Bruno's computer screen:
A unique result jumped out on the computer screen!
This result was something that even software expert Bruno himself didn't expect, that there would actually be a unique result!
The ecstatic Bruno
The result shows that Michael clicked to create this password at 4:10:40 pm on May 15, 2013...
Last November, Joe and Bruno kept this earth-shattering good news from Michael, they custom-made a huge foam board with a $1.6 million award for Michael, and successfully shipped the board to Barcelona by plane.
Then, while Michael was still cooperating in front of the camera to tell the story of how he lost this huge fortune, Joe and Bruno suddenly appeared in front of Michael and informed him of this good news with the medal!
All three were overjoyed beyond measure.
After 5 months of effort, Joe and Bruno really turned the previously impossible into 100%!
As a reward, Joe and Bruno took a certain proportion of Bit from Michael's Bit account after successfully cracking the password (they had reached an agreement with Michael to charge a fee only if they succeeded in decrypting).
And last November, Michael's Bit had risen from $5,300 10 years ago to $1.6 million.
Joe and Bruno turned the whole story into a short and exquisite documentary, and by the time the documentary was released in May this year, the $1.6 million had risen to $3 million...
At the end of last year, Michael sold some coins, gave some to his benefactors, and kept 30 coins for himself.
He plans to sell the remaining coins when Bit reaches $100,000 per coin.
Finally, in addition to thanking Joe and Bruno, Michael also thanked his own "smart being misled by smartness" from years ago:
"If I hadn't lost the password, maybe I wouldn't have had to wait 10 years, I might have sold it earlier."
Well, if it weren't for the help of two brilliant hackers and the fact that the software happened to have a huge system vulnerability in a previous version, Michael's password would have been lost to the Pacific Ocean long ago.
Hopefully, he'll remember it next time...
Ref:
https://english.elpais.com/technology/2024-08-14/i-hacked-time-to-recover-3-million-from-a-Bit-software-wallet.html
https://www.wired.com/story/roboform-password-3-million-dollar-crypto-wallet/
https://www.forbes.com/sites/daveywinder/2024/05/30/how-Bit-hackers-recovered-3-million-from-wallet-locked-in-2013/
https://www.youtube.com/watch?v=o5IySpAkThg