keychainx, trezor

sponsored

Have you lost the passphrase for an hardware wallet and looking how to recover your coins? Here is how the KeychainX recovery experts have done just that for a client. This is a trusted service provider that specializes in recovering lost crypto wallets and they can even recover funds from broken hardware drives, phones or Trezor/Ledger wallets.

Recovering a Trezor Wallet Passphrase

A TREZOR hardware wallet is a security device that protects the user from key loggers and phishing e-mail, keeping the user’s Bitcoin and crypto safe. Various hacking groups could open the device by mitigating side-channel attacks; however, the method was only possible because ‘a passphrase was not used’. When making a transaction, the user only enters a PIN and therefore protects the private key of the Bitcoin. The only backup is a 12/24-word mnemonic that determines which addresses are stored on the device.

Recently, a client asked the KeyChainX team to brute force their TREZOR wallet as the client had forgotten the passphrase, commonly known as the 25th word. The passphrase was designed to ensure funds are safe if a user loses their TREZOR and someone gets hold of their 24-word mnemonic. The passphrase can be a word, a number, or a string of random characters. The idea behind it is to deceive the thief into believing that once he opens someone’s TREZOR or recovers it with the 24 words, he will only find a “fake” or low-value amount of BTC. This specific client had 10 USD worth of Bitcoin stored on their TREZOR’s main wallet based on the 24 words, but the real treasure trove was a wallet hidden behind his passphrase, the value the team cannot disclose.

The KeyChainX team split the job into two phrases (or three). But before the team could start, the client wanted to meet face-to-face. As travelling to South America was out of the question as we had a security presentation scheduled in Europe, the client agreed to a Skype “interview”. After 2 hours, the team convinced him that the team would not run away with his funds.

How Did the Team Crack It Open and Brute Force It?

The first part is data sourcing. First, the team gathered information about the possible hints to the passphrase, as a six characters passphrase would take forever to brute force with conventional tools. For example, a GITHUB repo by the user gurnec has a tool called Btcrecover that brute forces a couple of hundred passwords per second on average. For example, to break a 5-character password would take two days; if you add capital letters and numbers six months.

The client’s password consisted of more than 5-characters with both upper- and lower-case characters, possibly numbers and a unique character, which could approximately take 2+ years to brute force with the tool; that is, if the main wallet was the first created on the TREZOR. This was not the case. Instead, the “fake” wallet was created; first, there were transactions, and the genuine wallet was created later. Then, the team was forced to search for multiple wallet addresses and change addresses, which multiplied the time required to break the encryption.

Since this was not the first time the team had received a request to open a TREZOR, the team decided to build a custom-made tool that uses GPUs about a year ago. The custom tool speed is 240,000 passwords per second, an increase by 1000x compared to the gurnec GitHub source.

Customizing Mask Attack

The client gave the KeyChainX team 5 wallet addresses he had used in the past, a list of hints, and the 24-word mnemonic. First, the team had to determine if the 24 words were valid and if the mnemonic was valid.

Next, they had to choose which derivation path to search for; a TREZOR can use both LEGACY and SEGWIT addresses, and their specifications can easily be distinguished by looking at the first character of the address. LEGACY starts with one and SEGWIT with 3. They also use different derivation paths depending on the BIP version, so the team had to specify which wallet type and derivation path to use. Finally, SEGWIT uses m/49’/0’/0’/0 and LEGACY has several options. Finally, TREZOR fired up the custom tool with 8 x 1080Ti Founders Edition GPU cards (they cost up to 1000USD each depending on specification and model).

At first, the team searched an ample space of characters and words, but the mask and algorithm took approximately two months too long. The team had to change tactics and look at the TREZOR owner’s hints and find a pattern. The pattern used small/capital characters as the first password character. Then several lower-case characters, and then limited combinations of numbers (birth dates, months, pin codes to safe etc.). Two unique characters were also used, so the team had to add that into account. The mask was modified again, and BOOM, the team found the password within 24 hours after the “interview”.

A quick message on WeChat, asking the client for their BTC wallet (the team advised him not to use the same TREZOR again). The team transferred the client’s funds to them within the hour.

keychainx, trezor

KeychainX GPU Crack Rig

Crypto Wallets Recovery Experts

If you are not yet familiar with KeychainX, it is a cryptocurrency wallet recovery service operating since 2017. The company recovered wallet keys for many clients from all over the world and you can see some of their raving reviews on Trustpilot where KeychainX has an almost perfect 4.9 ‘Excellent’ score. Read this article about how it unlocks different types of wallets, here about its work with blockchain wallets and here about specifically recovering keys from Multibit Classic or Multibit HD.

KeychainX has relocated in 2021 from its birthplace in the U.S., to Zug, Switzerland – a part of the world known in the blockchain community as Crypto Valley due to its concentration of relevant companies. Robert Rhodin, the CEO of the company, is naturally one of the leading experts in the field of crypto wallet recovery.

To learn more about the company visit KeychainX.io or just send an email to KeychainX@protonmail.com if you need to talk about password recovery.

Bitcoin, Ethereum Technical Analysis: BTC, ETH Marginally Higher as USD Weakens on Monday

Frutti Dino’s FDT Token to Be Listed on Huobi Global and Gate․io

Spanish Telecom Giant Telefonica Invests in Bit2Me, Pilots Cryptocurrency Payments

Bank of Russia Adds Digital Assets to Banking Chart of Accounts

Forex Shortages Blamed After Nigerian Currency Hits New Low Versus the US Dollar

Japanese Gaming Giant Sega to Launch First Blockchain Game

US Senator Says 'I Love That Bitcoin Can't Be Stopped' Citing Concerns About National Debt and Inflation

CFTC Chairman on US Crypto Regulation: We Have to Rely on 70-Year-Old Case Law to Determine What's a Security or Commodity

Robert Kiyosaki Predicts US Dollar Will Crash by January — Suggests Buying Bitcoin

9 Out of the Top 12 Crypto Assets Are Down 70% to 90% Lower Than the All-Time Highs Recorded Last Year

Report: CME Group to Face off With FTX After Filing for Futures Commission Merchant Status

S&P Global Report Says EU and UK Are in a Recession, Putin Thinks the West Is Greedy

'Trading Like a Lehman Moment’ — Credit Suisse, Deutsche Bank Suffer From Distressed Valuations as the Banks’ Credit Default Insurance Nears 2008 Levels

UK Regulator: Crypto Firms Undeterred by Strict Regulation — 'They Know We Have a Good System'

RLWC 2021: CoinEx Cheers for Athletes as the Exclusive Cryptocurrency Trading Platform

Ruble Surges Against Greenback, Ethiopian Birr Exchange Rate Gap Widens; Kiyosaki: The 'End Is Here' for Fake Money — Week in Review

TECH NEWS RELATED

Biggest Movers: MATIC Hits 3-Week High, LINK up Almost 10%

Polygon raced to a three-week high during today’s session, as bullish sentiment returned to cryptocurrency markets. Chainlink was also in the green, as the token surged for a second straight day, rising by almost 10% in the process. Overall, the global crypto market cap is up 3.06% as of ...

View more: Biggest Movers: MATIC Hits 3-Week High, LINK up Almost 10%

UN Report Urges Fed to Suspend Interest Rate Hikes, Presses for 'Public Spending' Increases

The United Nations Conference on Trade and Development (UNCTAD) has warned that the U.S. Federal Reserve’s interest rate hikes and the slew of other central banks raising rates, could pose harm to the global economy. UNCTAD calculated that for every Fed basis point rise, the economic output of wealthy ...

View more: UN Report Urges Fed to Suspend Interest Rate Hikes, Presses for 'Public Spending' Increases

Bitcoin, Ethereum Technical Analysis: BTC Back Above $20,000, USD Hits 2-Week Low

Bitcoin was back above $20,000 on Tuesday, as the U.S. dollar fell to its lowest point in two weeks versus several G7 currencies. The stronger dollar has impacted purchasing power in cryptocurrencies, and commodities like crude oil, which last week fell to a nine-month low. Ethereum was also up, ...

View more: Bitcoin, Ethereum Technical Analysis: BTC Back Above $20,000, USD Hits 2-Week Low

Cryptocurrency Is Losing Popularity as Investment Vehicle in US, According to Bankrate Survey

The popularity of cryptocurrency as an investment vehicle is dwindling in the U.S., according to a survey made by Bankrate. The survey found that trust in crypto has diminished across several groups, with millennials losing 20% of their trust in the assets — more confidence lost than in the ...

View more: Cryptocurrency Is Losing Popularity as Investment Vehicle in US, According to Bankrate Survey

The Coorest Carbon Standard Now Officially Certified

press release PRESS RELEASE. Coorest, a Polygon-native project, is the first blockchain project to have a certified standard for carbon compensation entirely on-chain — allowing anyone with an internet connection to compensate for their carbon footprint, thereby demonstrating that the newly certified Coorest Carbon Standard (CCS) is an excellent ...

View more: The Coorest Carbon Standard Now Officially Certified

Argentine Oil Subsidiary YPF Luz Powering Bitcoin Mining Activities With Residual Gas

YPF Luz, a subsidiary of the Argentine state oil company YPF, is currently piloting a project to power bitcoin mining operations with residual gas. The initiative, which is currently being tested in Vaca Muerta, one of the biggest oil fields in the country, seeks to take advantage of this ...

View more: Argentine Oil Subsidiary YPF Luz Powering Bitcoin Mining Activities With Residual Gas

Report: UK Gold Dealer Sold Out of Bullion After Pound's Record Fall Causes Demand to Skyrocket

The United Kingdom-based gold dealer, Ash Kundra, has claimed that he recently ran out of gold coins and bars after the demand for the precious metal skyrocketed. The pound’s plunge to a record low versus the dollar, as well as the turmoil in financial markets, is said to be ...

View more: Report: UK Gold Dealer Sold Out of Bullion After Pound's Record Fall Causes Demand to Skyrocket

Kenyan Central Bank Rejects Deputy President Rigathi Gachagua's Claims Country Lacks Forex to Import Oil

The Central Bank of Kenya appeared to rebuke the country’s new deputy president Rigathi Gachagua, after it rejected the latter’s claims the East African nation lacks enough foreign exchange to import oil. According to the bank, all the foreign exchange used in private transactions and for oil imports is ...

View more: Kenyan Central Bank Rejects Deputy President Rigathi Gachagua's Claims Country Lacks Forex to Import Oil

DeSo is Elon Musk and Jack Dorsey’s Answer for Decentralized Social Blockchain

Samsung Latam Launches 'House of Sam' Metaverse Experience in Decentraland

Taking Yield Farming to the Next Level With Animal Farm

Disclosures Show Shopify's CEO Bought $3M Worth of Coinbase Shares During the Past 2 Months

Decentralized App BCH Bull Prepares for Launch, Platform Allows Users to Long or Hedge Bitcoin Cash Against a Myriad of Tradeable Assets

The XSwap Treasure Token Aims to Impress by Providing Many Useful Functionalities

Tether CTO Says US Treasury Notes Account for More Than 58% of USDT's Reserves

Data Shows Bitcoin's Hashrate Has Grown by More Than 4 Quadrillion Percent Since 2009

Top Crypto Exchange LBank at Token 2049: Successful Exhibition and Afterparty

Biggest Movers: UNI Rebounds From Recent Losses on Monday

USDC Will Integrate With Decentralized Social to Bring Web3 to the Masses

SEC Charges Socialite Kim Kardashian for Unlawfully Touting Ethereummax

OTHER TECH NEWS

Top Car News Car News