In a recent success story, hardware hacker Joe Grand helped “Michael,” a European cryptocurrency owner, recover $3 million worth of bitcoin after an 11-year-old password was cracked. Michael had stored his 43.6 BTC in a password-protected digital wallet, using a password generated by the RoboForm password manager; He encrypted this password with TrueCrypt, but when the file became corrupted, he lost access to it.
Initially, Grand turned down Michael’s request for help, but he reconsidered last year. Michael had contacted various cryptography experts, all of whom believed recovering the password was impossible. Grand, who is known for his expertise in hardware hacking, had previously helped recover $2 million in cryptocurrency from a Trezor wallet using advanced techniques — However, Michael’s case involved a software-based wallet, making Grand’s usual hardware skills less applicable.
Grand considered brute-forcing the password, but this approach was impractical given the complexity and length of the password; He also pondered the possibility of a flaw in the RoboForm password manager that might allow for easier guessing, but he doubted such a flaw existed — Turns out, it did! The specific version of the wallet that Michael installed had “a limitation” in its randomization feature for generating the password.
Teaming up with his friend Bruno in Germany, who also specializes in hacking digital wallets, Grand eventually agreed to tackle the problem. Despite the initial doubts and the challenges posed by the software-based encryption, their combined expertise and a stroke of luck led to the successful recovery of Michael’s bitcoin.