How a Trezor Wallet Passphrase Taking a Lifetime to Brute Force Was Cracked by KeychainX Experts in 24 Hours

Sponsored

Lost your hardware wallet passphrase and looking for a way to recover your coins? Here’s how KeychainX recovery experts have done it for their clients. KeychainX is a trusted service provider that specializes in recovering lost crypto wallets and can also recover funds from broken hardware drives, phones, and Trezor/Ledger wallets.

Recover Trezor Wallet Passphrase

The TREZOR hardware wallet is a security device that protects users from keyloggers and phishing emails, keeping their bitcoins and crypto safe. Various hacking groups were able to open the device using side-channel attacks, but this was only possible because passphrases were not used. The bitcoin private key is protected because the user only enters the PIN during a transaction. The only backup is a 12- or 24-word mnemonic that determines which addresses are stored on the device.

Recently, a client asked the KeychainX team to brute force a TREZOR wallet because the client had forgotten the passphrase (commonly known as the 25th word). The passphrase is a string of characters that the user must enter into the TREZOR wallet. Passphrases are designed to keep funds safe if a user loses their TREZOR and someone else gets the 24-word mnemonic. The passphrase can be a word, a number, or a random string of characters. The idea behind it is to make a thief believe that, if he opens someone’s TREZOR or recovers it with the 24 words, he will only find a “fake” or low-value amount of BTC. This particular client had stored US$10 worth of bitcoins in the TREZOR main wallet based on the 24 words, but the real treasure trove was the wallet hidden behind the passphrase, the value of which cannot be disclosed by the team.
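How the passphrase produces a separate hidden wallet, as an added example that is not code from KeychainX or TREZOR: under BIP39 the wallet seed is PBKDF2-HMAC-SHA512 over the mnemonic, with the passphrase mixed into the salt, so every passphrase (including the empty one) yields an unrelated seed. The mnemonic and passphrases below are constructed sample values.

```python
import hashlib
import time
import unicodedata

# Constructed sample: the publicly known all-"abandon" 12-word test mnemonic,
# not the client's words. Never fund a wallet derived from it.
MNEMONIC = " ".join(["abandon"] * 11 + ["about"])

def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39 seed: PBKDF2-HMAC-SHA512 over the mnemonic, salted with
    "mnemonic" + passphrase, 2048 iterations, 64-byte output."""
    password = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = ("mnemonic" + unicodedata.normalize("NFKD", passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", password, salt, 2048, dklen=64)

def seed_fingerprints(mnemonic: str, passphrases: list) -> dict:
    """First 8 bytes (hex) of the seed that each passphrase produces."""
    return {p: bip39_seed(mnemonic, p)[:8].hex() for p in passphrases}

def bit_difference(a: bytes, b: bytes) -> int:
    """Number of differing bits between two seeds."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

def derivations_per_second(n: int = 50) -> float:
    """Single-core seed derivations per second on this machine."""
    start = time.perf_counter()
    for i in range(n):
        bip39_seed(MNEMONIC, f"guess{i}")
    return n / (time.perf_counter() - start)

if __name__ == "__main__":
    # Constructed passphrases: empty (the low-value main wallet) and two
    # that differ only in the case of the first letter.
    samples = ["", "Summer1990!", "summer1990!"]
    for p, fp in seed_fingerprints(MNEMONIC, samples).items():
        print(f"{p!r:>14} -> seed {fp}...")
    print("bits changed by one letter's case:",
          bit_difference(bip39_seed(MNEMONIC, samples[1]),
                         bip39_seed(MNEMONIC, samples[2])))
    print(f"{derivations_per_second():.0f} seed derivations/s on one CPU core")
```

Because there is no "wrong passphrase" error, only a different wallet, each guess has to be carried through to an address and compared with one the owner knows; the 2048 PBKDF2 rounds are what make each guess expensive.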

The KeychainX team split this job into two (or three) phases. Before the team started, however, the client wanted to meet in person. Since a security presentation was scheduled in Europe, a trip to South America was out of the question, and the client agreed to a Skype “interview.” Two hours later, the team was confident that no funds would be taken away.

How did the team crack it and brute force it?

The first part is data sourcing. Since a six-character passphrase would take forever to brute-force with traditional tools, the team first gathered information that could be a clue to the passphrase. For comparison, the GitHub repo of a user named gurnec has a tool called btcrecover that brute-forces hundreds of passwords per second on average. For example, it takes two days to break a five-character password, and six months if uppercase letters and numbers are added.

The client’s password, consisting of more than five characters, both upper and lower case, and possibly numbers and unique characters, can take approximately two years or more to brute force with this tool; that is, if the main wallet was the first one created on the TREZOR. However, this was not the case. Instead, a “fake” wallet was created, transactions were made first, and the real wallet was created later. The team was then forced to search multiple wallet addresses and change addresses, doubling the time required to break the encryption.

This was not the first request to open a TREZOR, so about a year ago the team decided to build a custom GPU-based tool. The speed of the custom tool is 240,000 passwords per second, a 1,000-fold increase over gurnec’s GitHub source.

Mask Attack Customization

The client gave the KeychainX team five previously used wallet addresses, a list of hints, and a mnemonic of 24 words. First, the team needed to determine whether the 24 words, and the mnemonic as a whole, were valid.

Next, the team had to choose which derivation path to search. TREZOR can use both LEGACY and SEGWIT addresses, and the two are easily distinguished by looking at the first letter of the address. In addition, the derivation paths differ depending on the version of the BIP, so it was necessary to specify which wallet type and which derivation path to use. SEGWIT uses m/49’/0’/0 and LEGACY has several options. Finally, the team ran the custom tool on eight 1080Ti Founders Edition GPU cards (each costing up to 1000 USD, depending on the specification and model).

Initially, they searched for enough letters and words, but the masks and algorithms took about two months too long. So the team changed tactics and found a pattern, using tips from the owner of the TREZOR. That pattern was a lowercase or uppercase letter as the first character of the password, then some lowercase letters, and a limited number combination (e.g., birth date, month, safe PIN). Additionally, two unique characters were used, which had to be taken into account. The mask was modified again and the team found the password within 24 hours after the “interview.”
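Why the pattern mattered, as an added example that is not KeychainX’s tool: the size of the search space for a blind mask compared with masks shaped by the owner’s hints, timed at the 240,000 guesses per second quoted above. The segment lengths, the 20-entry number list, and the reading of “unique characters” as the 33 printable ASCII symbols are assumptions made for illustration; the article does not give the real mask.

```python
# Hashcat-style built-in charsets and their sizes.
CHARSET_SIZE = {"?l": 26, "?u": 26, "?d": 10, "?s": 33, "?a": 95}
RATE = 240_000  # guesses per second, the custom tool's speed quoted in the article

def keyspace(segments):
    """Number of candidates a pattern generates.

    Each segment is (kind, repeat). kind is a charset token such as "?l",
    or an int giving the size of a candidate set: 52 for "upper or lower
    case letter", or the length of a hint list of likely numbers.
    """
    total = 1
    for kind, repeat in segments:
        size = kind if isinstance(kind, int) else CHARSET_SIZE[kind]
        total *= size ** repeat
    return total

def days_to_exhaust(segments, rate=RATE, addr_factor=1):
    """Worst-case days to try every candidate.

    addr_factor models the extra address checks per guess that the article
    says doubled the search time.
    """
    return keyspace(segments) * addr_factor / rate / 86_400

# Constructed patterns, all 10 characters long (lengths are assumptions).
BLIND = [("?a", 10)]                               # any printable ASCII
SHAPED = [(52, 1), ("?l", 3), ("?d", 4), ("?s", 2)]  # known structure only
HINTED = [(52, 1), ("?l", 3), (20, 1), ("?s", 2)]    # digits from 20 hinted numbers

if __name__ == "__main__":
    for name, pattern in [("blind", BLIND), ("shaped", SHAPED), ("hinted", HINTED)]:
        print(f"{name:>6}: {keyspace(pattern):.3e} candidates, "
              f"{days_to_exhaust(pattern):,.2f} days, "
              f"{days_to_exhaust(pattern, addr_factor=2):,.2f} days with doubled address checks")
```

The same arithmetic applies to choosing a passphrase: one built from a capitalised word, a personal date and trailing symbols has the strength of the hinted pattern, not of its character count.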

A simple message on WeChat asked for the client’s wallet, a BTC wallet (the team advised not to use the same TREZOR again). The team transferred the client’s funds within an hour.

KeychainX GPU Crack Rig

Crypto Wallets Recovery Experts

If you have not heard of KeychainX, please visit the 2017 It is a cryptocurrency wallet recovery service that has been in operation since 2006. The company has recovered wallet keys for many clients around the world, and you can see some of its rave reviews on Trustpilot, where KeychainX has earned a near-perfect 4.9 “Excellent” score. See this article on how to unlock different types of wallets, this article on working with blockchain wallets, and this article on recovering keys from a Multibit Classic or Multibit HD.

KeychainX moved from its birthplace in the United States to Zug, Switzerland in 2021. The area is known in the blockchain community as Crypto Valley due to the concentration of related companies. The company’s CEO, Robert Rhodin, is naturally one of the leading experts in the field of crypto wallet recovery.

For more information about the company, please visit KeychainX.io or send an email to [email protected] to discuss password recovery.

This is a sponsored post.

Image Credits: Shutterstock, Pixabay, Wiki Commons
