An anonymous Bitcoin owner successfully unlocked a wallet containing $3 million after being locked out for 11 years. The owner, who had used a random password generator to protect his 43.6 Bitcoins, lost the password due to his own security measures. Paranoid about potential hackers, he had saved the password in an encrypted file but later forgot it. Desperate to regain access after Bitcoin’s value skyrocketed, he reached out to well-known hacker and electrical engineer Joe Grand, also known as “Kingpin.”
Grand accepted the challenge and began dissecting the older version of the password generator software called RoboForm. He discovered that despite its reputation for generating unique and random passwords, it could actually be manipulated by controlling the time settings. By resetting the system clock to 2013, when the original password was generated, Grand was able to recreate it. Using this time-based hack, and with a stroke of luck, Grand and his colleague managed to generate millions of possible passwords and eventually cracked the code.
Grand acknowledged that luck played a significant role, mentioning, “If either our parameters or time range was off, we would have just been taking shots in the dark.” This case underscores both the potential risks of using password generators without backups and the innovative solutions hackers can employ to recover long-lost digital assets.
