A few weeks ago I was attending a crypto conference in a Asia, the conference was boring as usual but I knew the fun part would start in the evening when everyone would have a drink and relax at a roof top bar at one of the top hotel spots.
There at a bar a women smiled towards me and I walked over to have a chat. It turned out she was running a crypto exchange and we were talking for a while about the space and how it have changed over the last year. She looked around and seemed slightly bored.
Then as soon as I handed over my business card (Which says crypto recovery services) she smiled and said she has lost access to her Bitcoin wallet on blockchain.com. She asked if it was possible to recover and I explained that depending on the information she had, it was.
For those of you who don’t know blockchain.com runs one of the oldest online wallet services for Bitcoin. They let you sign up with e-mail online and access your wallet from anywhere.
I asked the woman what information she had and unfortunately there was nothing to work with, she only remembered opening the account a few years back and just lost all the information to the account.
I explained quickly that it is possible to access the wallet without knowing anything else except what e-mail she used to sign up.
Blockchain.com have a neat feature which let’s you have a reminder sent to your e-mail with your wallet ID. The ID is the actual login account name and once you have that and your password it will let you access the lost Bitcoin here: blockchain.com reminder
So I left the bar since I had to attend a dinner and left the woman with her hopes.
Then there was no contact for over two weeks when finally I received a message on wechat that she had requested a reminder and got the wallet ID but her password did not work. She asked again for my help.
The first step in recovering a blockchain.com account is to have access to the e-mail account that created the wallet ID, the second most important thing is to have the ID, the third, of course the password. She did not.
Since many people have asked me about the same problem over and over, I’ve developed a custom tool to download the backup file of the wallet encrypted with the login password. This is a process very few people know about and it lets you try the password automatically instead of manually entering it on the website login page.
To be able to download the file, the woman had to confirm my request and ouala! we had the wallet backup on my laptop.
A typical blockchain.com wallet uses a password no less than ten characters, including special characters and numbers, this was of course a problem since the number of possible combinations is quite a huge number, and not possible to try with a computer within a reasonable amount of time.
I sent the woman a message asking for clues, how does she create her passwords, how does she combine letters, years and special characters?
She sent me a short list. It didn’t work.
Then I sent another message asking her about family, friends, boyfriend, children names, favorite color, nicknames, pets etc etc.
The list quickly grew, but also my confidence this might work, as most people are very reluctant to give hints (they do this for privacy reasons) but experience has told me hints were the single best way to recover a lost password.
Once the list of possible hints were sent, I created an algorithm that would go through each word and make combinations, alterations and modifications based on her hints and the way she created her passwords. I also added my own variations based on previously recovered passwords.
Since I usually travel with a very strong laptop that has an expensive GPU card, I was able to run it while relaxing at an airport lounge. I just needed to find a power supply, as the computer would run heavy computation.
I fired off the script on my laptop using an open source software called Hashcat, it could be downloaded by anyone from here: hashcat but beware, it requires some expensive hardware to make it run fast and of course some experience in setting up algorithms, masks, rules and wordlists to be able to quickly and efficiently recover a password.
The password recovery started and my algorithm said 3 hours to finish based on my input parameters. I went for a drink, looked at my flight departure (1 hour 20 minutes) and wished for the best. The single worst thing I knew is being force to interrupt a recovery process in the middle.
While the computer spinned, I finished another drink, and by the time I was preparing to pack up, PLING! I got a message on my phone. It was my custom made hashcat script that sends me an sms every time a wallet that I work on is cracked. It was the blockchain.com Bitcoin wallet.
I quickly sent her an sms to tell her I was able to recover the wallet and that I’ve sent her the 80% of the wallet value agreed at the start of the recovery. Then I jumped on the plane and went on my way to meet another client. I knew that by the time I would arrive, she would have her Bitcoin back.
The password was: IloveJerry123! (her boyfriends name was Jerry)
Disclaimer: The article might have been slightly altered to protect the client and where in time it took place. The work was performed by KeychainX CEO Robert Rhodin and you could read more about the company here: keychainx.io or have a look at an in depth interview about his work: BitstarzInterview.