Bitcoin
How Researchers Cracked an 11-Year-Old Password for a $3 Million Crypto Wallet
“Ultimately, we were lucky because our parameters and time frame were correct. If any of them were wrong, we would have…continued to make assumptions/shots in the dark,” Grand said in an email to WIRED. “It would have taken much longer to pre-calculate all possible passwords.”
Grande and Bruno created a video to explain the technical details in more detail.
RoboForm, manufactured by US-based Siber Systems, was one of the first password managers on the market and currently has more than 6 million users around the world, according to a company report. In 2015, Siber appeared to fix the RoboForm password manager. In a quick look, Grand and Bruno were unable to find any sign that the pseudo-random number generator in the 2015 version used computer time, which makes them think they removed it to fix the flaw, although Grand says they would need to look into it. in more detail to be sure.
Siber Systems confirmed to WIRED that it fixed the issue with version 7.9.14 of RoboForm, released on June 10, 2015, but a spokesperson did not respond to questions about how it happened. On a change log on the company’s website it only mentions that Siber programmers made changes to “increase the randomness of the generated passwords”, but does not say how they did this. Siber spokesperson Simon Davis says “RoboForm 7 was discontinued in 2017.”
Grand says that without knowing how Siber fixed the problem, attackers will still be able to regenerate passwords generated by versions of RoboForm released before the fix in 2015. He’s also not sure whether current versions contain the problem.
“I’m still not sure I’d trust it without knowing how they’ve actually improved password generation in newer versions,” he says. “I’m not sure RoboForm knew how bad this particular weakness was.”
Customers can also still use passwords generated in previous versions of the program before the fix. It appears that Siber never notified customers when it released fixed version 7.9.14 in 2015 that they should generate new passwords for critical accounts or data. The company did not respond to a question about this.
If Siber didn’t inform customers, it would mean that anyone like Michael, who used RoboForm to generate passwords before 2015 — and still uses those passwords — could have vulnerable passwords that hackers could regenerate.
“We know that most people don’t change passwords unless asked,” says Grand. “Of the 935 passwords in my password manager (not RoboForm), 220 of them are from 2015 and earlier, and most of them are [for] sites I still use.”
Depending on what the company did to fix the problem in 2015, newer passwords could also be vulnerable.
Last November, Grand and Bruno deducted a percentage of bitcoins from Michael’s account for the work they did and then gave him the password to access the rest. Bitcoin was worth $38,000 per coin at the time. Michael waited until the value rose to $62,000 per coin and sold some of it. He now has 30 BTC, now worth $3 million, and is hoping the value will rise to $100,000 per coin.
Michael says he’s lucky he lost the password years ago because otherwise he would have sold bitcoin when it was worth $40,000 per coin and lost a greater fortune.
“The fact that I lost the password was a financially good thing.”