Sign up to save your podcasts
Or
Share A Well-Known Computer Engineer Cracks a Trezor Wallet Containing $2 Million in Cryptocurrency
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
A Well-Known Computer Engineer Cracks a Trezor Wallet Containing $2 Million in Cryptocurrency
In 2018, friends invested $50,000 in Theta but were unable to access their Trezor Ones. They are now $2 million richer, though, thanks to the assistance of a single hacker in cracking the wallet.
With the assistance of famous computer programmer and hardware hacker Joe Grand, New York City entrepreneur Dan Reich recently regained access to more than $2 million in cryptocurrency stored in a Trezor One hardware wallet.
In a recent YouTube video, the Portland-based hacker known as "Kingpin" detailed how he cracked the wallet in order to recover the "lost" crypto funds.
The Beginnings
Dan Reich and a friend spent $50,000 earlier in 2018 on the newly minted Theta cryptocurrency, which was selling at roughly 21 cents at the time.
They initially stored the tokens on a Chinese exchange but were forced to move them to a Trezor One hardware wallet due to the local government's increasing crackdown on cryptocurrencies. They overlooked the coins, however.
Reich soon realised his error and sold the Theta tokens. Nevertheless, his friend had already misplaced the piece of paper on which he had written the wallet's PIN, and they were forced to begin guessing the five-digit PIN. They have already made multiple incorrect guesses at this point.
After 12 erroneous guesses, the duo decided to call it quits, as the wallet's data would be immediately deleted after the 16th incorrect guess.
$50,000 $2,000,000 profit
As the price of Theta has continued to rise over the years, the value of their "lost" cryptocurrency fortune has increased to $2 million this year. Reich and his associates increased their efforts to recover access to the monies, motivated by their crypto windfall.
They soon located a Swiss banker who claimed to have French friends capable of cracking the wallet in a laboratory. They insisted, however, that Reich not visit the lab or be aware of the identities of those allegedly cracking the wallet in order to perform the job.
Despite how absurd the concept seemed, the duo was willing to take a chance as their situation deteriorated. Reich discovered Joe Grand in the United States, though, in a surprising turn of events.
A Hacker Is a Lifesaver
They contacted the computer engineer immediately, who agreed to assist. Grand purchased three identical wallets and flashed them with the same firmware as Reich and his friend. He spent 12 weeks experimenting until he discovered a means to recover the forgotten PIN.
Grand stated that he utilised a fault injection attack, which alters the voltage applied to the chip, to circumvent the wallet's microcontrollers' security. It protects against hackers reading RAM and gaining the PIN required to open the wallet and its contents.
"Essentially, we are inducing misbehaviour on the silicon chip inside the device in order to circumvent security. And what ended up occurring is that I was sitting here monitoring the computer screen and noticed that I had defeated the security; the private information, the recovery seed, and the pin I was looking for all popped up on the screen," the hacker added.
Reich and a friend reclaimed their $2 million cryptocurrency fortune and gave Grand a share of the loot.
Trezor Takes Action
Meanwhile, shortly after the story broke, hardware wallet maker Trezor sought to reassure consumers by stating that the vulnerability Grand used to retrieve the stolen cryptocurrency had been detected and remedied.
The business said that all new devices are "delivered with a patched bootloader" and thus do not contain the vulnerability.
Support us!
View all episodes
By Crypto PiratesIn 2018, friends invested $50,000 in Theta but were unable to access their Trezor Ones. They are now $2 million richer, though, thanks to the assistance of a single hacker in cracking the wallet.
With the assistance of famous computer programmer and hardware hacker Joe Grand, New York City entrepreneur Dan Reich recently regained access to more than $2 million in cryptocurrency stored in a Trezor One hardware wallet.
In a recent YouTube video, the Portland-based hacker known as "Kingpin" detailed how he cracked the wallet in order to recover the "lost" crypto funds.
The Beginnings
Dan Reich and a friend spent $50,000 earlier in 2018 on the newly minted Theta cryptocurrency, which was selling at roughly 21 cents at the time.
They initially stored the tokens on a Chinese exchange but were forced to move them to a Trezor One hardware wallet due to the local government's increasing crackdown on cryptocurrencies. They overlooked the coins, however.
Reich soon realised his error and sold the Theta tokens. Nevertheless, his friend had already misplaced the piece of paper on which he had written the wallet's PIN, and they were forced to begin guessing the five-digit PIN. They have already made multiple incorrect guesses at this point.
After 12 erroneous guesses, the duo decided to call it quits, as the wallet's data would be immediately deleted after the 16th incorrect guess.
$50,000 $2,000,000 profit
As the price of Theta has continued to rise over the years, the value of their "lost" cryptocurrency fortune has increased to $2 million this year. Reich and his associates increased their efforts to recover access to the monies, motivated by their crypto windfall.
They soon located a Swiss banker who claimed to have French friends capable of cracking the wallet in a laboratory. They insisted, however, that Reich not visit the lab or be aware of the identities of those allegedly cracking the wallet in order to perform the job.
Despite how absurd the concept seemed, the duo was willing to take a chance as their situation deteriorated. Reich discovered Joe Grand in the United States, though, in a surprising turn of events.
A Hacker Is a Lifesaver
They contacted the computer engineer immediately, who agreed to assist. Grand purchased three identical wallets and flashed them with the same firmware as Reich and his friend. He spent 12 weeks experimenting until he discovered a means to recover the forgotten PIN.
Grand stated that he utilised a fault injection attack, which alters the voltage applied to the chip, to circumvent the wallet's microcontrollers' security. It protects against hackers reading RAM and gaining the PIN required to open the wallet and its contents.
"Essentially, we are inducing misbehaviour on the silicon chip inside the device in order to circumvent security. And what ended up occurring is that I was sitting here monitoring the computer screen and noticed that I had defeated the security; the private information, the recovery seed, and the pin I was looking for all popped up on the screen," the hacker added.
Reich and a friend reclaimed their $2 million cryptocurrency fortune and gave Grand a share of the loot.
Trezor Takes Action
Meanwhile, shortly after the story broke, hardware wallet maker Trezor sought to reassure consumers by stating that the vulnerability Grand used to retrieve the stolen cryptocurrency had been detected and remedied.
The business said that all new devices are "delivered with a patched bootloader" and thus do not contain the vulnerability.
Support us!