- Hackers are trying to break into a Bitcoin wallet said to contain over $690 million worth of the asset.
- But its password is proving difficult to crack, even if one uses sophisticated computing
- There's also a possibility the wallet may not actually hold the funds.
Hackers have been pouring their time and resources to crack the password of a Bitcoin wallet holding 69,370 BTC (≈$690 million), according to news site Vice. The wallet is one of the top ten Bitcoin addresses in terms of total holdings—a veritable treasure chest.
Apart from trying to break into the actual Bitcoin wallet, hackers are sharing a file over the internet that supposedly holds the wallet’s private keys (it may not) and therefore, access to the Bitcoin it contains.
The reason for the complexity? The wallet is protected with a very long and unique password, and its wallet.dat file—a type of file that stores the data—is encrypted using two algorithms that are very slow to process, said Vice. A combination of these two factors makes the wallet hard to guess, even if one used machines to brute force for the password.
But hackers haven’t given up. Alon Gal, the chief technology officer of cybercrime intelligence company Hudson Rock, tweeted this week the $690 million Bitcoin wallet was recently advertised on the popular hacking forum RaidForums.
Get this - there is a Bitcoin wallet with 69,000 Bitcoins ($693,207,618) that is being passed around between hackers/crackers for the past 2 years for the purpose of cracking the password, no success so far.
— Alon Gal (Under the Breach) (@UnderTheBreach) September 8, 2020
The forum is part of a larger internet subculture that deals in the niche of cracking Bitcoin wallets. It’s even evolved to include hacking as a service now. All Private Keys is one such marketplace that allows people to contract hackers and purchase, download, or even attempt to crack the advertised Bitcoin wallets.
While the wallet has even managed to find its way to All Private Keys, the hack continues to prove difficult. It’s also caused some hackers to give up the search wholly and instead resort to trying to sell the wallet’s .dat file outright, noted Gal.
"Wallets tend to be protected by strong passwords and in the event that a cybercriminal manages to obtain a wallet and cannot crack the password he might sell it to opportunistic hash crackers who are individuals with a large amount of GPU power," said Gal.
But there’s a catch
Despite the fame, there are no guarantees that the particular wallet.dat file actually holds the $690 million in Bitcoin, even if someone ended up gaining access.
"It's possible to doctor a Bitcoin wallet.dat file to make it seem like it contains a high balance," said “Dave Bitcoin,” a pseudonymous entity who runs Wallet Recovery Services, an online service that decrypts wallets with lost passwords for a fee.
He added someone could have simply modified the public keys of a Bitcoin wallet using editing software and tied them to another wallet, meaning the wallet file might be doing the internet rounds without the corresponding private key to access the $690 million Bitcoin.
Roman Potemkin, the founder of crypto wallet service Trastra, shared the sentiment. “There is the possibility of faking wallet balances. Usually, as proof of funds, the buyer gets the seller to verify that they actually hold the coins using a time-stamp on the blockchain. However, that may not work in this case as the private key itself is unknown,” Potemkin told Decrypt.
Yet the pseudo-cyberheist for the Bitcoin fortune continues.