‘I hacked time to recover $3 million from a bitcoin software wallet’

Michael from Germany bought some bitcoins in 2013 and stored them in a software wallet with a password. He used a password generator called Roboform to create it and saved it in an encrypted text file. Shortly afterward, the password file became corrupted, and he lost it forever: “At that moment I thought, ok, shit, about €2,000 [$2,200]… well, you just get angry,” says Michael, who uses a fictitious name to protect his identity. But over the years, the price of bitcoin began to rise. By 2024, his wallet was worth about $3 million. “I have this fortune, I can see it, but I can’t use it because I don’t have the password,” he said.

The only way he could think to recover it was to seek the help of legendary hacker, Joe Grand, known as Kingpin. Grand had recovered other passwords in laborious and complex processes, which he explained on YouTube videos. When Michael wrote to him, Grand told him it wasn’t going to work. “If we had to try every possible password combination, that’s more than100 trillion times the number of water drops in the entire world. If we think of one password being one water drop and we have to find that it might be flowing under the river, it might be falling from the sky, it could be in any ocean anywhere in the world. If we’re able to reduce that somehow, then we can turn this insurmountable problem into maybe something that we can succeed with,” Grand explains. He turned down the project: Michael’s only hope was to bequeath the wallet to his child so that one day more advanced technology would be able to open it.

Grand’s main job is teaching classes on how to hack devices in companies and organizations: “I take an electronic device, analyze it, find out how it works, identify the main components that we can exploit, monitor signals and look for vulnerabilities,” he explains via video conference to EL PAÍS. He also works helping people like Michael who have lost their passwords or have damaged their digital devices with cryptocurrencies. He receives many emails every week: “Now it takes up a significant amount of my time, I didn’t expect the amount of messages I receive,” he says.

Two of his recent successes, he says, are reviving the wallet of a guy who threw it into a lake in Florida and had to hire a team of divers to retrieve it (“I still don’t know why he threw it in”) or finding the password of a young man who, on his deathbed, told his brother that he thought the key had something to do with his grandmother’s name. In such cases, when the affected person has an idea of the password, it is possible to search for it by brute force, trying millions of similar variables one after another. But it is not the same when there are trillions of possibilities.

Michael persisted, and Grand, working with Bruno, a young software hacker, discovered an intriguing detail in how different versions of Roboform had changed over the years. For the new 2015 version, the company announced that the new feature: “Increases randomness of generated passwords.” Did that mean that before, say in 2013, when Michael created his password, passwords weren’t really random?

This is when the hackers began to imagine that there may be a way to recover the money: “Creating random numbers is very, very hard [...] If we can manipulate that randomness, we might be able to create a predictable output that we could use to try to crack Michael’s wallet,” Grand explains in the video on the case called “I hacked time to recover $3 million from a Bitcoin software wallet,” which has received more than 820,000 views. First, they had to find in Roboform’s code how it generated its passwords. This function is not accessible and, to find it, the hackers even used a tool from the U.S. National Security Agency, called Hydra: “This piece of software was like Russian dolls. Our target was the little doll in the middle that was generating the password,” says Grand.

After many hours of trying to understand how Roboform generated passwords, they found that they could create the same password twice. The hackers had discovered that the randomness depended on time: “We could trick the system and travel back to 2013 so that it would generate passwords in the time window in which we thought Michael had generated his password,” says Grand. The passwords that Roboform created depended on the time at which they were created: “Now the game really started,” adds Grand. First, however, Michael had to remember the approximate day in 2013 when he had generated the password and the precise parameters (number of characters, lowercase, uppercase, special keys) that were used.

But before that, Grand and Bruno had discovered a huge vulnerability in Roboform. People who used random passwords before 2015 with Roboform are potential victims: “It was the first time I had done a project like this. I have done reverse engineering before, but recreating basically every possible password that could have been generated with a generator was new, and I didn’t even know it was possible. It’s also extremely problematic for anyone who has used that software,” says Grand.

Wired contacted Roboform, which did not offer an explanation on how it had fixed the problem. It had not warned all of its customers either: “This is a bigger issue for me than finding someone’s password to recover their bitcoin,” Grand says. “These [faulty] passwords can protect bank accounts, medical records, because it’s software that’s being sold. Sometimes the vendors are very grateful and fix the problems, but other times they act as if nothing happened. It’s possible that future versions will also be susceptible, just in a slightly different way, because they never shared how they fixed the problem.”

While one might think that no one else would spend as many hours solving a problem as Grand and Bruno — especially since they had the incentive of keeping a percentage of the bitcoins they helped recover — but Grand believes that is extremely unlikely: “If Bruno and I discovered this problem, then surely someone else has discovered it too. Since I was young, when I was in hacker collectives, I have always said that we are just guys messing around. Imagine if it is a public agency, an adversary or a state, chances are they are taking advantage of it in some way, it could even be the U.S. government,” he says.

Success did not come easily

But Grand and Bruno’s job was to help Michael. He gave them a date in the spring of 2013 and some parameters: 20 digits and lowercase, uppercase and special characters. They tried the millions of passwords Roboform created in that window, and they didn’t work. Something wasn’t right. They started getting nervous: “[Michael] was getting annoyed with us,” says Grand. “But in the end, he had misremembered. We tried another set of parameters, and it worked.”

Michael spent s few days in Barcelona in the fall of 2023, and Grand and Bruno showed up with a huge check for “$1.6 million,” because that was the value of his bitcoin at the time. When they posted the video on YouTube in June 2024, it had doubled.

The videos on Grand’s channel aren’t just about showing off his technical skills: “Hacking often seems like magic, but there’s actually a process behind it. If you do the right thing, you can take control of systems, and that’s something I love. I like being able to share that with people, so they can look at the code and say, ‘Oh, that’s all it is! It’s just moving some stuff around and running this code, and all this happens. ’”

Even though he is paid for his work, Grand doesn’t do these projects to get rich. “It keeps my hacker mind busy and awake, and I’m interested in working on interesting projects because each case is a little different,” he says. “Right now I’m sitting on a wallet that I’ve never seen before, so I have to explore it, understand it, do some experiments, and then try to hack it. There’s also another project in the works that’s very interesting as a challenge and puzzle, so that’s important.”

While his hacker mind enjoys these challenges, Grand is quick to warn the industry that software is not infallible, and even less so in the hands of humans. “I have 935 passwords, some created before 2015,” he says. “If I, who am in the business of this, don’t renew them unless I am forced to, what will other people do? That is why it is so important for companies to report their problems when they arise.”

Grand’s success in finding these types of passwords has led to him receiving many messages from people who have been scammed. In such cases, there is little he can do. “I never ask for money in advance, because that is how scammers work,” he says. One of his problems is the webpages that impersonate him: “Right now our main objective is to take down one that has my name and the extension ‘.es’, from Spain,” he says.

Sign up for our weekly newsletter to get more English-language news coverage from EL PAÍS USA Edition