Take a fresh look at your lifestyle.

The history of lost Bitcoin inside a zip


Imagine that you bought a lot of BTC when they still had prices in one or two figures, but you forgot them inside an encrypted zip file, so now you want to recover those private keys. What would you do? Well read this story of how Michael Stay managed to recover $ 300,000 in Bitcoin from an old encrypted zip file.

The story of $ 300,000 in Bitcoin in a zip file

In this real-life story, a man contacts a former Google security engineer to help him regain access to his Bitcoin private keys, thereby recovering more than $ 300,000.

The ex-engineer is Michael Stay, but … How did this person get to him? Internet is the answer. Specifically, through LinkedIn after the owner of the BTC read an article published by Stay, nineteen years ago, about a technique to break encrypted zip files.

This person invested around $ 10,000 in BTC during January 2016, long before the boom. However, for security reasons, he had encrypted the Bitcoin private keys in a zip file and forgot the password. Tragic.

In order to meet the challenge, Stay estimated that it would need to charge $ 100,000 to enter the archive. The owner of the BTC accepted the deal. After all, he would still be making big profits. Once the work started, it was fun for Stay in her own words.

Every morning I was excited to get to work and deal with the problem“Says Stay, who today is the chief technology officer for blockchain software development firm Pyrofex. But, although some zip files can be easily decrypted with standard tools, the protagonist of this story was not so lucky.

Securing your BTC keys in a zip file may seem safe, but the access complications in case you forget how to get into the file are enormous.
Securing your BTC keys in a zip file may seem safe, but the access complications in case you forget how to get into the file are enormous.

How did Michael Stay know that the person was telling the truth and that he owned those cryptocurrencies?

Mainly, because the person who contacted you still had the laptop that they had used to create and encrypt the zip file.

Other clues to get started with the hard work, Stay knew which zip program had encrypted the file and which version it was running. It also had the timestamp of when the file was created, which the Info-ZIP software uses to report its encryption scheme.

However, from a massive set of passwords and encryption keys, Stay was able to narrow it down to something close to quintillion possibilities. As they delved into the project, Stay was able to refine the file hack and reduce the amount of time it would take to produce results.

We spent more time developing the hack, but we only needed to run it for about a week. That saved the boy a lot of money in infrastructure costs”He explained.

By February, four months after the first LinkedIn message, the hack began. It worked for 10 days and failed. Stay later wrote that he was “heartbroken.” Thus, while they were trying to decipher the error, the price of Bitcoin fell and the owner of the BTC began to be more impatient.

However, after a few revisions to their random code generator program, they succeeded: they cracked the file’s encrypted key.

In the end, the infrastructure costs to execute the hack rose from $ 6,000 to $ 7,000, instead of the roughly $ 100,000 they had originally estimated. The owner paid about a quarter of the original price.

In this case, decryption was possible because it used an old version of Zip, but according to Stay itself, if the person had used a slightly newer version of zip, it would have been impossible.

How common is this situation?

Stay says that since he published his technical account of the project in April, several people have approached him and asked him to help them recover the passwords for their Bitcoin wallets. Unfortunately, it is a common situation.

However, the challenge varies in each case and only some are as lucky as the protagonist of this story. We hope that if you ever have a significant amount of Bitcoin you can store it safely, but enough for you to access it.

Leave A Reply

Your email address will not be published.