Author Topic: My Interview with Famous Hardware Hacker Joe Grand aka Kingpin  (Read 604 times)
Pmalek (OP)
February 16, 2023, 08:01:28 PM
 #21

I was asking about OneKey wallet because they use forked Trezor code, but I guess he earned good money from his previous gigs like this.
Yeah, I am sure he has been doing this longer than we can imagine. He probably has some regular or semi-regular work going on. I know he travels a lot and is a guest speaker and lecturer at conferences and security workshops. Plus there is the new company that focuses on hardware wallet hacking.

I just checked his YouTube channel and I saw he was working on his thinnest boombox project... he is a bit weird, but I like his style.
Yeah, that one came out a few months ago. I laughed during the scene when he met those kids in the street and cursed.

Pmalek (OP)
May 30, 2024, 01:45:25 PM
Merited by vapourminer (1), dkbit98 (1), PowerGlove (1)
 #22

Hardware hacker Joe Grand is back with another hacking video:
I hacked time to recover $3 million from a Bitcoin software wallet

This time, he managed to hack a software wallet that had been inaccessible since 2013. His client created a password using the password generator RoboForm (closed-source). It was a 20-character pass with (what the client believed were) upper and lower-case letters, numbers, and special characters.

He used the generated password as a passphrase for his wallet and also saved it in an encrypted partition using TrueCrypt on his computer. This partition later got corrupted, so he couldn't access the data.

The value of the 43.6 BTC at the time was a couple of thousand euros. With the current price, that's around $3 million.

With the help of a software hacker named Bruno, the pair decided to reverse-engineer RoboForm instead of trying to brute-force a 20-character password.

The following is a quick summary of the video with spoilers. Don't read it if you want to watch the video first!


The experiment proved that RoboForm wasn't generating random passwords in the past (maybe it still isn't).
By going through the changelog of the software, they discovered that RoboForm developers increased the randomness of generated passwords in 2015. That was a hint that previous releases weren't random enough.

Joe and Bruno's target became the part of the code responsible for password generation. They discovered that the password generated in the GUI is stored in memory. With the help of Ghidra, they disassembled the code to find where the password generation happens.

While looking through the code, they noticed a reference to system time. The function was used in combination with the random number generator to generate passwords. They figured out that by changing the time, RoboForm would generate predictable passwords.   

Using a debugger, they found out that by changing the time value in the code, they could trick the software into generating passwords from the past.

They created a piece of code to change the system time and save each generated password. The client gave them a timeframe when he believed he had created his password, and they started retrieving old passwords. It ended up being millions of passwords.

After some additional work and tweaking, they discovered the correct password and recovered the lost bitcoin.


Link to the video:
I hacked time to recover $3 million from a Bitcoin software wallet

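The weakness summarized in post #22, as an added example that is not part of the thread and is not RoboForm's code: a toy generator (hypothetical `weak_password`) seeds its PRNG from the wall-clock second alone, so a known creation window bounds every password it could have produced, while `strong_password` draws from the OS CSPRNG. The alphabet, timestamps and function names are constructed for illustration.

```python
import math
import random
import secrets
import string
from datetime import datetime, timedelta, timezone

ALPHABET = string.ascii_letters + string.digits + "!@#$%^&*"  # 70 symbols (assumed)
LENGTH = 20

def weak_password(when: datetime) -> str:
    """Flawed pattern: the only secret input is the clock, at 1 s resolution."""
    rng = random.Random(int(when.timestamp()))
    return "".join(rng.choice(ALPHABET) for _ in range(LENGTH))

def strong_password() -> str:
    """Hardened pattern: every symbol comes from the OS CSPRNG."""
    return "".join(secrets.choice(ALPHABET) for _ in range(LENGTH))

def nominal_bits() -> float:
    """Entropy the password appears to have from its length and alphabet."""
    return LENGTH * math.log2(len(ALPHABET))

def effective_bits(start: datetime, end: datetime) -> float:
    """Entropy actually present when only the creation window is unknown."""
    return math.log2((end - start).total_seconds())

def window_search(start: datetime, end: datetime, target: str):
    """Replay each second in [start, end); return (match_time, tried)."""
    tried, t = 0, start
    while t < end:
        tried += 1
        if weak_password(t) == target:
            return t, tried
        t += timedelta(seconds=1)
    return None, tried

if __name__ == "__main__":
    day = datetime(2013, 5, 14, tzinfo=timezone.utc)       # constructed window
    created = day + timedelta(hours=9, minutes=30, seconds=7)
    pw = weak_password(created)
    print(f"nominal {nominal_bits():.1f} bits, "
          f"effective {effective_bits(day, day + timedelta(days=1)):.1f} bits")
    print("time-seeded:", window_search(day, day + timedelta(days=1), pw))
    print("CSPRNG:     ", window_search(day, day + timedelta(hours=1),
                                        strong_password()))
```

With a one-day window the time-seeded password carries about 16 bits of uncertainty against roughly 122 bits implied by its length and alphabet; the CSPRNG password is not reachable by replaying the clock at all.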
dkbit98
May 30, 2024, 04:37:12 PM
Merited by vapourminer (1)
 #23

Hardware hacker Joe Grand is back with another hacking video:
I hacked time to recover $3 million from a Bitcoin software wallet
Another self-commercial of his, but it was a really interesting video to watch, especially for people who think that something is random just because some software claims it's random.
In this case, the guy who owned the bitcoin was happy to recover access to his coins, but I can only imagine how many people are using even weaker passwords.
Another good reason why everyone should also have an offline physical backup is corruption of hard drives; this happens more often than people think.

Pmalek (OP)
May 31, 2024, 01:43:35 PM
 #24

<Snip>
I can't shake the feeling that the software was configured to generate predictive passwords by accident. That "bug" was also an excellent opportunity for someone to keep records of all the generated passwords, just in case they needed them for something. The change log says they improved their password generation systems, but I wonder if they still have a way to know who generated what and when!?
