Hacker finds 11 character password and opens Bitcoin wallet containing 3 million

Assume for a moment that you bought some 43 Bitcoins back in 2013 (when the price was $3,000 per Bitcoin) and you transferred those digital coins to a crypto wallet on a USB. Afterwards you used a program called Roboform to generate an 11-character password and then you wrote it down somewhere.

However, you lose the piece of paper with the password on it and can no longer access your crypto wealth. Of course, if Bitcoin would have dropped in value since that wouldn’t have been that much of a disaster, but if the value of what’s stored on that USB grows to $3 million, you hire a hacker.

Hackers unlocked a $3M Bitcoin wallet after 11 years. Engineer Joe Grand, aka 'Kingpin,' cracked the lost Roboform-generated password to recover 43.6 BTC. #Bitcoin #Crypto pic.twitter.com/cdKhpBOvQ5

— Space $Gem 💎 (@Space_Gem_) June 2, 2024

Joe Grand

This is the story of ‘Michael’ an anonymous European crypto enthusiast who contacted hacker Joe Grand and his team this year. In the end, Grand found a way to break Roboform and Michael was able to access his crypto portfolio containing $3 million.

The unique story was first picked up by Wired and subsequently published in Forbes. Hacker Joe Grand himself also posted a long video with the explanation on social media.

How did he do it?

Ultimately, the solution was found in the Roboform software. Apparently, the program created virtually the same passwords for users on the same day, depending on the parameters of the PC the program it was running on.

Grand and his team spent weeks testing and ultimately tricked Roboform into believing it was running on a computer in April 2013, the month Michael purchased his Bitcoins and thus generated his password. This made the list of possible answers very short and after the sixth attempt or so the crypto wallet was finally cracked. So all’s well that ends well.

Pro tip: never lose sight of where you keep your password