Saturday, September 30

Hacker helps user recover BRL 10 million in cryptocurrencies

Protected by a PIN, a kind of password, hardware wallets are great for those looking for security. The problem is when you forget your password, and that’s what happened to Dan Reich and a friend.

Because of this, they sought the help of an expert to hack the wallet. The reason for this journey was the appreciation of the Theta token, which jumped from $0.20 to $15 at its all-time high.

On the other hand, the US government is also working to circumvent such hardware wallets. As an example, the IRS hired a team in September last year to hack into such devices.

BRL 10 million locked in a hardware wallet

After buying $50,000 worth of Theta cryptocurrency, Dan Reich and his friend were in for two surprises. The first is that this token has appreciated 75 times; the second is that they lost access to the hardware wallet that gave access to this fortune.

With that, they got in touch with Joe Grand, aka Kingpin, a hardware hacking specialist. The story is so interesting that it was documented on video.

Reich claims that Kingpin was his choice because he proved to be more transparent and professional than others. With that, he took a plane to Portland, USA, to deliver the hardware wallet in person.

Hacking a Trezor Hardware Wallet

To begin with, it is worth remembering that the contents of the wallet are erased after several wrong access attempts. Simply guessing the PIN was therefore not an option, and the path to recovering the 10 million reais would be much more complicated.

After fault injection tests on other devices, the hacker found that both the PIN and the seed (12 words) were moved into the wallet’s RAM, allowing them to be accessed.

However, it is worth remembering that Kingpin had a bit of luck, as this flaw was fixed in the next firmware version of Trezor’s wallet. In other words, this is a benefit of open source software: flaws like this can be reported by other people and quickly corrected.

Going further, Kingpin also had to go through a security mechanism that protected access to data contained in memory. Finally, different professional tools were used to make the attack successful, as shown in the images below.

“It’s like finding a bug in a video game […] you need to find the right time to be able to use it”

Diagram of how the hack would be done. Source: Joe Grand / YouTube
Equipment assembled for the hack. Source: Joe Grand / YouTube

With everything connected, it was time to wait. Kingpin’s estimate was that the result could take about four hours as it would take about 10,000 attempts. Meanwhile, they talked and ate a pizza, perhaps in Laszlo’s honor.

Then, after 3 hours and 19 minutes, the computer spoke the phrase “hack the planet”, programmed by Kingpin to be said when the attack was successful.

Then the hacker managed to extract both the 12 words and the PIN that gave access to Reich’s fortune, taking the air of seriousness out of the room and giving space to two broad smiles.

US government is hiring hackers

As reported by Livecoins in September, the US Internal Revenue Service is also interested in hacking such equipment to recover funds they believe belong to the state.

As an example of their determination, the agency posted a contract opportunity that filled quickly. Therefore, with a large budget and a team with extensive knowledge, it is quite possible that they will succeed in this endeavor.

Finally, it’s worth noting that this is a cat-and-mouse game. That is, hardware manufacturers are always fixing points of failure as well as releasing new security solutions.

If you don’t want to go through the same problems as Reich, it is recommended that you keep a backup of your seed, the 12 words, offline and safely. After all, they are what gives you access to your wallet, whether it’s hardware or not.