YouTuber ‘hacks time’ to rescue bitcoin lost since 2013
Three million dollars in locked bitcoin has been recovered by a hacking duo who claim to have ‘hacked time’ to crack a corrupted randomly generated password.
The anonymous holder (referred to in the video as ‘Michael’) stored his nearly-44 bitcoins, worth roughly $5,300 in 2013, in a hot wallet protected by a randomly generated 20-character password created by RoboForm.
Unfortunately, Michael subsequently lost his password after storing it in an encrypted file that was later corrupted. With no way to recover his bitcoin, he reached out to Joe Grand, an electrical engineer running a hardware-hacking YouTube channel.
Grand and his friend, software hacker Bruno, initially turned down Michael’s appeal for help as they claimed they would need to try millions of password combinations in a brute force attack that they said nobody would take on, “no matter how many computers they had.”
However, after he reached out again in 2023, the pair eventually agreed to help and began reverse engineering RoboForm. After a long process of analyzing code within RoboForm’s programs, they discovered an earlier version was generating passwords tied to the time and date on the user’s computer.
However, Michael couldn’t remember the exact time or date at which he created the password, or even if it contained special characters. This left Grand and Bruno trying thousands of passwords with no success.
Eventually, after deciding to see if the password was created without special characters, the pair ran their script and found a match. It turned out that the original password was generated on May 15, 2013, at 4:10:40 pm GMT.
Read more: Owner of 8K bitcoin lost in landfill threatens to bankrupt local council
Michael was later reunited with his ‘lost’ bitcoin during an interview when Grand surprised him with a cheque. The duo were given a percentage for their help and filmed the whole adventure for their YouTube channel.
Wired reports that Michael plans to wait until bitcoin’s price rises to $100,000 to sell his coins. The publisher also reports that Siber, the firm behind RoboForms, confirmed that the flaw related to password generation has been fixed but refused to explain how.
Got a tip? Send us an email or ProtonMail. For more informed news, follow us on X, Instagram, Bluesky, and Google News, or subscribe to our YouTube channel.