A hacker hacked into a secure crypto wallet with $2,000,000 in 12 weeks
American white hat hacker Joe Grand spent 12 weeks hacking one of the most secure cryptocurrency wallets, Trezor One.
What is known
The device is owned by Dan Reich. In 2018, he and a friend transferred Theta Network tokens with a total value of $50,000 to the wallet. Judging by the fact that the exchange rate at that time was about $0.2, we are talking about 240,000 coins.
Over time, they lost the wallet password. Trying to unlock the device, they used 12 attempts to enter the password out of 16 possible. After the 12th attempt failed, the guys shelved the idea of accessing the wallet.
However, in 2021, the Theta Network rate rose to $15, and as a result, the amount of money stored in the wallet increased to $3,600,000. Some time later, when the rate dropped to $2,500,000, the friends turned to the "white" hacker Joe Grand for help. . The specialist said that for 12 weeks he was trying to find a way to recover the password to the wallet.
It was possible to bypass the protection of the device thanks to the attack method with the introduction of errors. The cracker changed the voltage that was supplied to the chip, due to which he bypassed the protection of the RAM from reading from outside. The program, written by the same Joe Grand, was able to pick up a PIN code in 3.5 hours.
In connection with the fall in the Theta Network rate, Reich and his friend received not $3,600,000 and not $2,500,000, but only $2,000,000. They paid $30,000 to the hacker for his work. It remains to be hoped that the guys decided not to keep the cryptocurrency further, since now 240,000 coins are valued at about $700,000 at a rate of $2.95.
SatoshiLabs stated that she knew about the Trezor One vulnerability and fixed it back in 2017. Since then, there has never been any information about hacking at least one wallet.
A source: The Verge