Close Menu
Technology Mag

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    15% Off Theragun Promo Code for August 2025

    July 31, 2025

    Meta is playing the AI game with house money

    July 30, 2025

    Ready or not, age verification is rolling out across the internet

    July 30, 2025
    Facebook X (Twitter) Instagram
    Subscribe
    Technology Mag
    Facebook X (Twitter) Instagram YouTube
    • Home
    • News
    • Business
    • Games
    • Gear
    • Reviews
    • Science
    • Security
    • Trending
    • Press Release
    Technology Mag
    Home » How Researchers Cracked an 11-Year-Old Password to a $3 Million Crypto Wallet
    Business

    How Researchers Cracked an 11-Year-Old Password to a $3 Million Crypto Wallet

    News RoomBy News RoomMay 30, 20243 Mins Read
    Facebook Twitter Pinterest LinkedIn Reddit WhatsApp Email

    “We ultimately got lucky that our parameters and time range was right. If either of those were wrong, we would have … continued to take guesses/shots in the dark,” Grand says in an email to WIRED. “It would have taken significantly longer to precompute all the possible passwords.”

    Grand and Bruno created a video to explain the technical details more thoroughly.

    RoboForm, made by US-based Siber Systems, was one of the first password managers on the market, and currently has more than 6 million users worldwide, according to a company report. In 2015, Siber seemed to fix the RoboForm password manager. In a cursory glance, Grand and Bruno couldn’t find any sign that the pseudo-random number generator in the 2015 version used the computer’s time, which makes them think they removed it to fix the flaw, though Grand says they would need to examine it more thoroughly to be certain.

    Siber Systems confirmed to WIRED that it did fix the issue with version 7.9.14 of RoboForm, released June 10, 2015, but a spokesperson wouldn’t answer questions about how it did so. In a changelog on the company’s website, it mentions only that Siber programmers made changes to “increase randomness of generated passwords,” but it doesn’t say how they did this. Siber spokesman Simon Davis says that “RoboForm 7 was discontinued in 2017.”

    Grand says that, without knowing how Siber fixed the issue, attackers may still be able to regenerate passwords generated by versions of RoboForm released before the fix in 2015. He’s also not sure if current versions contain the problem.

    “I’m still not sure I would trust it without knowing how they actually improved the password generation in more recent versions,” he says. “I’m not sure if RoboForm knew how bad this particular weakness was.”

    Customers may also still be using passwords that were generated with the early versions of the program before the fix. It doesn’t appear that Siber ever notified customers when it released the fixed version 7.9.14 in 2015 that they should generate new passwords for critical accounts or data. The company didn’t respond to a question about this.

    If Siber didn’t inform customers, this would mean that anyone like Michael who used RoboForm to generate passwords prior to 2015—and are still using those passwords—may have vulnerable passwords that hackers can regenerate.

    “We know that most people don’t change passwords unless they’re prompted to do so,” Grand says. “Out of 935 passwords in my password manager (not RoboForm), 220 of them are from 2015 and earlier, and most of them are [for] sites I still use.”

    Depending on what the company did to fix the issue in 2015, newer passwords may also be vulnerable.

    Last November, Grand and Bruno deducted a percentage of bitcoins from Michael’s account for the work they did, then gave him the password to access the rest. The bitcoin was worth $38,000 per coin at the time. Michael waited until it rose to $62,000 per coin and sold some of it. He now has 30 BTC, now worth $3 million, and is waiting for the value to rise to $100,000 per coin.

    Michael says he was lucky that he lost the password years ago because, otherwise, he would have sold off the bitcoin when it was worth $40,000 a coin and missed out on a greater fortune.

    “That I lost the password was financially a good thing.”

    Share. Facebook Twitter Pinterest LinkedIn WhatsApp Reddit Email
    Previous ArticleHow IWC Made the Most Glow-In-the-Dark Watch Ever for Lewis Hamilton
    Next Article Anthropic’s AI now lets you create bots to work for you

    Related Posts

    Meta’s AI Recruiting Campaign Finds a New Target

    July 30, 2025

    Meta Is Going to Let Job Candidates Use AI During Coding Tests

    July 30, 2025

    The Real Demon Inside ChatGPT

    July 29, 2025

    Programmers Aren’t So Humble Anymore—Maybe Because Nobody Codes in Perl

    July 29, 2025

    60 Italian Mayors Want to Be the Unlikely Solution to Self-Driving Cars in Europe

    July 29, 2025

    Tesla Readies a Taxi Service in San Francisco—but Not With Robotaxis

    July 29, 2025
    Our Picks

    Meta is playing the AI game with house money

    July 30, 2025

    Ready or not, age verification is rolling out across the internet

    July 30, 2025

    Dropbox is shutting down its password manager

    July 30, 2025

    Spotify’s terrible privacy settings just leaked Palmer Luckey’s bops and bangers

    July 30, 2025
    • Facebook
    • Twitter
    • Pinterest
    • Instagram
    • YouTube
    • Vimeo
    Don't Miss
    News

    Microsoft reports strong cloud earnings, with Windows and Xbox up too

    By News RoomJuly 30, 2025

    Microsoft just posted the fourth and final quarter of its 2025 fiscal financial results. The…

    Layoffs hit CNET as its parent company goes on a buying spree

    July 30, 2025

    How Do You Live a Happier Life? Notice What Was There All Along

    July 30, 2025

    Microsoft is getting ready for GPT-5 with a new Copilot smart mode

    July 30, 2025
    Facebook X (Twitter) Instagram Pinterest
    • Privacy Policy
    • Terms of use
    • Advertise
    • Contact
    © 2025 Technology Mag. All Rights Reserved.

    Type above and press Enter to search. Press Esc to cancel.