This article is a writeup of the fourth episode of CRYPTOLAND, Motherboard’s documentary series about how cryptocurrency is affecting culture, politics, the environment, and our shared future. Watch it on Motherboard’s YouTube.Ebet Kuefler got into Bitcoin relatively early, in 2013, when it was still possible for individuals like him to mine the cryptocurrency at home. At some point, he said, his rig was mining one Bitcoin a day.“I didn’t have to run the heater because this thing was kicking off massive heat all day, turning electricity into dollars,” he told Motherboard. In the end, he sold all but seven Bitcoin, and then forgot all about it until 2017, when the cryptocurrency hit $20,000. At that point he thought that was a good opportunity to cash out—except he couldn’t remember the 24 character complex password that protected his crypto wallet containing his Bitcoin. He said he had written it down in a notebook, but he had taken the password in a physical password wallet, which was stolen on a trip to Cuba. Kuefler’s story isn’t special. There are hundreds of people like him. It’s hard to know exactly how much Bitcoin is locked forever in wallets whose owners forgot the password, or in hard drives thrown out. There’s plenty of anecdotes of desperate people trying to recover their lost Bitcoin. Chainalysis, a firm that tracks cryptocurrencies to help companies and law enforcement, estimated in 2018 that up to 23% of all Bitcoin is lost forever—around 3.79 million bitcoins or the equivalent of around $170 billion at today’s conversion rate. Naturally, some of the people who own those lost Bitcoin are willing to do anything to get them back. And there’s a market for companies or individuals who promise to recover the lost Bitcoin for a fee. There’s the mysterious Wallet Recovery Service, run by an anonymous person who goes by DaveBitcoin, or Crypto Asset Recovery, a father and son startup based in New Hampshire. In essence, what these organizations do is try as many password or passphrase combinations as fast as they can—or as fast as their password cracking software and hardware will allow—until they get the right one for a specific wallet they’re trying to break into. They brute force the password, but they need help from their customers—some guess, at least, of what their password may have been.Charlie Brooks, the son in the duo that runs Crypto Asset Recovery, told Motherboard that their success rate is 32 percent, without counting those customers that they believe have almost no chance of getting their Bitcoin back (who they decline to take on as clients). “When you have a client with a password that is let’s say 20 character computer generated password, that is essentially uncrackable” Brooks said. “Maybe given a hundred or two hundred years of compu power—maybe it will get it. But the chances are infinitesimal to none.”As for Kuefler, his Bitcoins were eventually saved by DaveBitcoin, who provided the right password to unlock his long lost crypto wealth. Subscribe to our cybersecurity podcast, CYBER. Subscribe to our new Twitch channel.
Advertisement
Advertisement