11-Year-Old Roboform Flaw Helps Researchers Crack $3 Million Crypto Wallet
The post 11-Year-Old Roboform Flaw Helps Researchers Crack $3 Million Crypto Wallet appeared first on Coinpedia Fintech News
A group of researchers discovered the password to a crypto-wallet filled with $3mln worth of Bitcoin, by hacking into an 11-year-old version of the RoboForm password manager program.
Bitcoin Holder Loses Access to Wallet
Two years ago a European holder of the cryptοcurrency Bitcoin, who goes by the name “Michael” contacted hardware hacker Joe Grand to help him hack his Bitcoin wallet containing approximately millions worth of BTC.
Michael kept his crypto securely in a virtual wallet and had a password with twenty characters manufactured by RoboForm and encrypted with TrueCrypt. Unfortunately, the file was damaged and the access was lost
At first, Grand refused as he considered that his expertise in the hardware devices has no relevance to a software wallet. But later Michael somehow persuades Grand and his acquaintance Bruno, a hacker, to take up the project.
Both the researchers downgraded to the version of RoboForm used in 2013 and identified that the pseudo-random number generator PRNG connected passwords with date/Time.
Knowing this, they set the date and time of the computer to a more appropriate date, 2013 to be precise. After multiple attempts, they successfully generated the correct password.
Witnessing the Bitcoin Recovery and Price Surge
This not only paved the way for the solution for a technical problem but it also rendered monetary gain for Michael. After Bitcoin gained its price, his investment expanded (approximately $5,300 in 2013). After the recovery, Michael sold some bitcoin at $62,000 and currently holds 30 BTC which is approximately $3m today.
The Importance of Software Updates and the Role of Serendipitypen
Packed with such problems, RoboForm, developed by Siber Systems, addressed the issue in one of its updates in 2015, but the story shows that users who haven’t updated their passwords may face such an experience.
Joe Grand also stressed that they were rather lucky and skilled to consider themselves successful. “We were indeed fortunate that our parameters and time period coincided to give us success”, he said.
Michael perceives this as fortunate because his losing access to his wallet denied him the chance to sell his Bitcoin too early and now it is worth millions for him.
Also Check Out: Crypto Hack Report This Week: Analyzing Recent DeFi Hacks and Security Breaches
