Joe Grand, a Portland-based hacker and computer engineer also known as “Kingpin”, cracked a Trezor One hardware wallet holding tokens worth more than USD 2 million. Dan Reich, an NYC-based entrepreneur, and his friend found they had misplaced the security PIN to the Trezor, on which the tokens were saved. They discovered this when they went to cash out an initial investment of about USD 50,000 in Theta in 2018. They gave up after guessing the wrong PIN 12 times in a row.
However, when their investment grew to USD 2 million this year, they increased their efforts to gain access to the money. The only way to get the tokens without their wallet’s seed phrase or PIN was to hack into it.
The crucial point was that Trezor One wallets momentarily moved the PIN and key to RAM during a firmware update. Grand discovered that in the firmware version on Reich’s wallet, the data was copied to RAM rather than moved. This means that if the hack fails and RAM is erased, the PIN and key are still kept in flash. It took 12 weeks to recover the missing PIN.
“We are basically producing misbehavior on the silicon chip within the device in order to overcome security,” Grand revealed. He noticed that he had overcome the problem and the PIN was flashing up on the screen.