New York-based entrepreneur and crypto enthusiast Dan Reich breathed a sigh of relief after a hardware hacker helped him recover over $2 million sitting in a Trezor One hardware wallet.
ដូចដែលបានរាយការណ៍ដោយ Verge បាន, in early 2018, Reich and his friend spent $50,000 in Bitcoin to purchase a batch of Theta Network tokens (THETA), worth about $0.21 at the time. Initially, the funds were held on a China-based crypto exchange and later moved to a Trezor One hardware wallet.
By the end of 2018, when the price of the token crashed nearly fourfold, the two friends decided to cash out their investment. They realized, however, that they had forgotten the security PIN to the wallet which contained the tokens.
After 12 failed attempts to guess the PIN, they gave up as the wallet would wipe itself clean after 16 unsuccessful tries.
However, after the price of Theta skyrocketed last year to hit an all-time high above $15 and their initial investment briefly rose above $3 million, Reich and his friend decided to renew their attempts to get access to the wallet.
Going through different avenues, the two friends reached out to Joe Grand, a Portland-based hardware hacker, who eventually managed to recover the PIN.
Sidestepping Trezor security
As Grand explained in his YouTube video, normally, Trezor One wallets temporarily move the PIN and key to the RAM during a firmware update.
Once the update is complete, the information is moved back to flash.
This wasn’t the case with Reich’s wallet—despite Trezor removing the PIN and key that got copied to RAM during a boot-up, the PIN and key appeared in the device’s RAM at later stages.
This meant that should Grand inadvertently wipe the RAM before he could read the data, he would be unable to recover the PIN.
Source: https://decrypt.co/91250/hacker-helps-recover-2m-worth-crypto-trezor-wallet