Hack The Planet: How This Hacker Unlocked A $2 Million Crypto Wallet

  • Share to Facebook
  • Share to Twitter
  • Share to Linkedin

The theft of cryptocurrency has become such a commonplace thing these days that the recent ‘wormhole hack’ which saw $325 million stolen from the DeFi bridge, is hardly that shocking anymore. But, as I keep pointing out, while cyber-crooks can use hacking techniques to steal crypto (it’s all data, after all), that doesn’t make all hackers baddies. Far from it. And to helpfully prove my point, you need to look no further than Joe Grand and the case of the locked $2 million Trezor crypto wallet.

MORE FROM FORBESOne American Hacker Suddenly Took Down North Korea’s Internet-All Of It

Kingpin, aptly, recovers lost wallet crypto wallet PIN

Grand, better known within the hacking community as Kingpin, is a very well-known and very well-respected hardware hacker. In days past, he was a member of the influential L0pht Heavy Industries hacker collective, as well as a presenter of the Prototype This! Discovery Channel television show.

When Dan Reich found himself sitting on more than $2 million of Theta tokens in a locked Trezor One crypto wallet, with a long-forgotten PIN, he turned to Kingpin for help. And help he did.

You can read the full story at The Verge and I’d highly recommend that you do. However, the quick and dirty version is that the master hacker spent three months exploring three identical crypto wallets, with the same firmware installed, trying to find a way in that would work. Work, that is, in a repeatable fashion without rendering the contents lost forever. The method he eventually came up with was based on some 2018 research that, according to The Verge article, was a glitching method that uses a “fault-injection method” of altering chip voltage to “undermine security protecting the RAM and allow them to read the PIN and key when they were briefly in RAM.”

MORE FROM FORBESCrypto.com Admits $35 Million Hack
MORE FROMFORBES ADVISOR

Best Travel Insurance Companies

ByAmy DaniseEditor

Best Covid-19 Travel Insurance Plans

ByAmy DaniseEditor

Hack the Planet and unlock $2 million of lost cryptocurrency

This glitching froze all three wallets in its raw form and could not be trusted to work with such a large amount resting on success. After all, get it wrong, and that wallet could remain locked forever it the RAM was wiped. This didn’t deter a skilled hacker such as Kingpin, though; he persevered and uncovered a vulnerability that meant the wallet PIN and key were copied to RAM during the wallet power-on phase. The trick, therefore, was to glitch the thing at precisely the right point in the process.

Kingpin coded some software that would do this, still risky, it has to be said, procedure. That software announced ‘Hack the Planet’ after three or more hours of pinpointing the exact moment to strike. When the program was finally let loose on Reich’s wallet for real, it took three and a half tense hours before that message, made famous in the Hackers movie, appeared. But appear it did, and Reich was able to move the $2 million of crypto out of the wallet. Kingpin was, of course, well rewarded for his efforts.

Trezor, for its part, has already fixed that vulnerability.

Junyuan bags

Ten articles before and after

Billionaire Peter Lim’s ZujuGP Buys Tokigames As Digital Platform Pursues Online Football Gamification

Oil Market Shows Optimistic Outlook For Energy Crisis

E-Commerce Company Copia Global Isn’t Building The ‘Amazon For Africa’

Voyager Becomes Second Philippine Unicorn After Raising $210 Million From SIG-Led Funding Round

How Financial Businesses Can Harness Potential In WaaS And BaaS

Super Apps Or Smart Wallets?

Four Harsh Truths (And Four Best Practices) For Crypto Wallets

Ukraine Demonstrates That Cryptocurrency Is A Potent Tool For Marshaling Grassroots Support

IMF Believes In Bitcoin Wallet For El Salvador But Not Legal Tender Status

Treasury Has Self-Hosted Wallets And Adding Crypto To BSA On 2022 Agenda

About US

We are bag factory,supplier from China.We provide customization for diaper bag,sneaker bag,tool bag,picnic bag,pet bag,ski bag,food delivery bag,and so on.We provide free bag artwork or design service.Can help you to do DDP service and we accept small quantity for test order.We have BSCI and ISO audit,no problem for REACH,LFGB,CE,FDA ,CPC,CPSIA and ASTM test reports or certificates.