American engineer Joe Grand is a well-known name in the field of cryptocurrencies. Known as a hardware hacker and inventor, Grand can also be described as a “white hat hacker”. In other words, he is an ethical hacker who reports the security vulnerability he finds to the authorities and tries to increase the security of the systems instead of using it maliciously.

Grand’s latest success is related to a security vulnerability that opens the way to lost Bitcoins. The story started in 2022 when Michael, a European cryptocurrency owner, contacted Grand. Michael had lost access to his Bitcoin worth millions of dollars. The problem was not that the access information was lost, but rather that he had used a very strong password.

Michael used the popular password manager application RoboForm to create this 20-character password. But the real problem was that the password was stored in a file encrypted with TrueCrypt. At this point, both the strong password and an additional layer of encryption had become a dead end for Michael.

Grand took action with his friend Bruno to solve this problem. Bruno was a hacker who specialized in software. For the solution, the duo focused on the 2013 version of RoboForm that Michael used for his Bitcoin wallet.

Examining an old software using reverse engineering techniques, Grand and Bruno found the vulnerability they were looking for after months of work. They discovered a bug in the password generation method in the then-version of RoboForm. This bug allowed the software to predict passwords based on the computer’s date and time. Fortunately for Michael, his password was created before the exploit was fixed.

However, this discovery alone was not enough. Grand and Bruno had to find the correct password using the vulnerability. To do this, they developed a program that generated millions of passwords based on the time period in which Michael’s password was created. Then, they tried to find the correct one by trying these passwords one by one using the force method.

After a long and tiring process, Grand and Bruno finally achieved success. They gained access to Michael’s wallet by finding the password created at 16:10:40 GMT on May 15, 2013. In this way, Michael was reunited with the 43.6 Bitcoin he thought was lost. This amount is worth approximately 3 million dollars as of the date of writing.

This incident once again highlights the importance of strong passwords and additional security measures. At the same time, it reveals that there may be risks due to vulnerabilities in security software. Although it is possible to access lost data by exploiting these vulnerabilities thanks to talented hackers such as Joe Grand, one may not always be so lucky. Therefore, it is worth remembering once again the importance of keeping security software up to date and using complex passwords.