How a Trezor Wallet Passphrase Taking a Lifetime to Brute Force Was Cracked by KeychainX Experts in 24 Hours – Sponsored Bitcoin News

Lost your hardware wallet passphrase and looking to recover your funds? This is the way KeychainX restoration specialists did it for a client. This is a reliable service provider that specializes in recovering lost crypto wallets and they can even recover funds from damaged hard drives, phones or Trezor/Ledger wallets.

Recover Trezor . wallet passphrase

The TREZOR hardware wallet is a security device that protects users from key loggers and phishing e-mails, keeping their Bitcoins and cryptocurrencies safe. Various hacking groups can open the device by mitigating side-channel attacks; however, this method is only possible because ‘passphrase is not used’. When making a transaction, the user only enters the PIN and thus protects the private key of the Bitcoin. The only backup is a 12/24 word memo that identifies which addresses are stored on the device.

Recently, a customer asked KeyChainX the attack team forced their TREZOR wallet because the customer forgot the passphrase, commonly known as the 25th word. The passphrase is designed to ensure funds are safe if a user loses their TREZOR and someone else gets it. get their 24-word memo. The passphrase can be a word, a number, or a random string of characters. The idea behind it is to trick the thief into believing that once he opens someone’s TREZOR or retrieves it with 24 words, he will only find a “fake” or low value amount. BTC. This particular customer has 10 USD worth of Bitcoins stored on their main wallet TREZOR based on 24 words, but the real treasure is a wallet hidden behind his passphrase, a value that the team cannot disclosure.

The KeyChainX team splits the work into two (or three) phrases. But before the team can begin, the client wants to meet in person. Since traveling to South America was out of the question when we had a confidential presentation scheduled in Europe, the client agreed to a Skype “interview”. After 2 hours, the team convinced him that the team would not run away with his money.

How did the team that cracked it open and force it?

The first part is data sourcing. First, the team gathered information about possible hints to the passphrase, as a six-character passphrase would take forever to become brute force with conventional tools. For example, a GITHUB repo by user gurnec has a tool called Btcrecover that averages several hundred passwords being forced every second. For example, to break a 5-character password would take two days; if you add capital letters and number six months.

Customer’s password consists of more than 5 characters with both uppercase and lowercase characters, can be numbers and a single character, it may take more than 2 years to process with the tool; that is, if the primary wallet was created for the first time on TREZOR. This is not the case. Instead, “fake” wallets were created; first, there were genuine transactions and wallets created after that. The team was then forced to search multiple wallet addresses and change addresses, which multiplied the time it took to break the encryption.

Since this is not the first time the team has received a request to open TREZOR, the team decided to build a custom tool that uses GPUs about a year ago. The custom engine speed is 240,000 passwords per second, a 1000x increase over the GitHub gurnec source.

Customize attack mask

The client provided the KeyChainX team with 5 wallet addresses he had used in the past, a list of suggestions, and a 24-word mnemonic. First, the team had to determine if the 24 words were valid and whether the mnemonic was valid.

Next, they must choose which derived path to search; TREZOR can use both LEGACY and SEGWIT addresses, and their specifications can be easily distinguished by looking at the first character of the address. LEGACY starts with one and SEGWIT with 3. They also use different derivations depending on the BIP version, so the team had to specify which wallet type and derivation to use. Finally, SEGWIT uses m/49’/0’/0’/0 and LEGACY has several options. Finally, TREZOR has enabled customization with 8 x 1080Ti Founders Edition GPU cards (each costing up to $1000 depending on specification and model).

At first, the team searched a large amount of characters and words, but the mask and algorithm took about two months too long. The whole team must change tactics and go through the tips of the TREZOR owner and figure out how to play. The sample used small/capital characters as the first password character. Then some lowercase characters, and then a limited combination of numbers (birthday, month, pin to be safe, etc.). Two unique characters were also used, so the team had to add that into account. The mask was modified again, and BOOM, the research team found the password within 24 hours of the “interview”.

A quick message on WeChat, asking the customer about BTC wallet (the team advised him not to use the same TREZOR anymore). The team transferred the client’s money to them within an hour.

How a Trezor wallet passphrase that should have taken a lifetime to become brute force was cracked by KeychainX experts
KeychainX GPU Crack Rig

Crypto Wallet Recovery Specialist

If you are new to KeychainX, it is a crypto wallet recovery service that has been operating since 2017. The company has recovered wallet keys for many customers from around the world, and you can see some of the reviews. Their hearty prices on Trustpilot where KeychainX has a near perfect score of 4.9 ‘Excellent’. Read this article about how it unlocks different wallets, here about its work with blockchain wallets and here on how to specifically recover keys from Multibit Classic or Multibit HD.

KeychainX has relocated in 2021 from its birthplace in the US, to Zug, Switzerland – a part of the world known in the blockchain community as Crypto Valley due to the concentration of related companies. mandarin. Robert Rhodin, the CEO of the company, is naturally one of the leading experts in the field of crypto wallet recovery.

To learn more about the company, visit or just send an email to if you need to talk about password recovery.

This is a sponsored post. Learn how to reach our audience here. Read the disclaimer below. Media is the premier source for everything crypto-related. Contact to discuss press releases, sponsored posts, podcasts, and other options.

Image credits: Shutterstock, Pixabay, Wiki Commons

Disclaimer: This newspaper only gives true information. It is not a direct offer or solicitation to buy or sell, or a recommendation or endorsement for any product, service or company. does not provide investment, tax, legal or accounting advice. Neither the Company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article.

Source link


Kig News: Update the world's latest breaking news online of the day, breaking news, politics, society today, international mainstream news .Updated news 24/7: Entertainment, the World everyday world. Hot news, images, video clips that are updated quickly and reliably

Related Articles

Back to top button