Who in a minute becomes a dollar millionaire? How do they do it? And is it possible to master this profession yourself?
When even a small part of bitcoin costs several thousand Dollars, and you can buy a bar of gold for a whole bitcoin, a reasonable question arises. How to safely store your cryptocurrency?
- Smartphone – at any time they can snatch from your hands.
- Home computer – every day is exposed to many virus attacks.
- Online wallet – you have to trust your accumulation of the company to the developer.
It turns out that while the brain is not yet connected directly to the Internet, our memory is perhaps the safest place to store bitcoins. But remembering 51 random characters of the private key from your Bitcoin wallet, the task is quite complicated: 5KWeAfgnW3j8wTogqfHbyf8tiwboB1Tvc76GuN2962zDV8sFL8a
However, you can do otherwise with the help of bitcoin signals. First, come up with a strong password, and then generate a bitcoin wallet based on it. The key in this case is not necessary to remember, but you can easily access your savings. This type of bitcoin wallets is called a brain wallet.
More reliable than a Swiss bank
But what if by brute force to pick up a private key to the wallet? In total there are 2 ^ 256 possible private keys. The theory says that it is such a large number that it is no coincidence, not on purpose, that it is impossible to pick up a key, and to do this, it will take forever.
The theory was thrown by LBC. Using a simple search, these guys found 54 private keys in two years and got almost 0.135 BTC. The amount is certainly not very impressive, but their catch at any time can increase significantly, for example, if they find the key to the wallet at 200,000 BTC.
Nevertheless, we must admit that the probability that they accidentally pick up the key from your wallet is negligible. Over the years spent on the selection of private keys, treasure hunters managed to find only 0.000013% of the total number of wallets. However, you can significantly secure your bitcoins now if you distribute them to several addresses.
One of the famous modern hackers Kevin Mitnik noticed that hacking any system is most effective through its weakest point – through a person. In our case, it is impossible to get the password out of your head, but you can imagine how a person thought while creating his password
At the first stage, I generated 6 billion unique passwords and phrases. The material was dictionaries in English, Chinese and Russian, online books, lyrics, an offline Wikipedia version and a list of the most used passwords.
It took several days to prepare a list of all existing bitcoin addresses with a non-empty balance or those addresses that have ever had bitcoins. A total of 412 million addresses.
Having received a hash of bitcoin addresses, we build a Bloom filter. Then we convert each password from our dictionary to hash160 and filter them. The output was about 240 million bitcoin addresses of candidates. We build the intersection of many candidates and a list of all real-life addresses.
As a result, I picked up private keys for 56340 bitcoin wallets, spending about a week of my time on this. True, only 7 wallets with a total deposit of 2.5 BTC or $ 16,000 at the current exchange rate turned out to be money.
Bitcoin is cool!
Since 2011, 5010 BTC, or $ 30 million, have been withdrawn from all other brain wallets. Only in incomplete 2018, hackers stole 736 BTC. After analyzing the transactions, I counted 19 separate groups involved in hacking brain wallets.
If 7 years ago it took several days to crack one wallet, now hackers need a split second. As soon as the victim transfers his bitcoins to a compromised wallet, they are immediately automatically withdrawn to the account of hackers. The great competition between hackers is understandable, people continue to use the same hacked wallets with elementary passwords. For hackers, this is a constant source of income.
The largest theft I discovered occurred in November 2012. It took the hackers only 36 seconds to steal 500 bitcoins from the wallet 14NWDXkQwcGN1Pd9fboL8npVynD5SfyJAE The password from the brain wallet was: bitcoin is awesome
How not to become a victim?
You have probably heard such sad stories, as a British programmer unsuccessfully searches for his 7500 BTC in a landfill, and the editor of a popular site threw out a hard drive with 1400 BTC. Someone cannot recover their bitcoins from an old flash drive, and someone accidentally threw out a piece of paper with a private key. Currently, for one reason or another, people have lost about 4 million bitcoins. Against this background, the damage from hacker attacks looks like a drop in the ocean.
However, in order not to become easy prey for hackers, there are some simple recommendations:
To safely create your brain wallet, open the Bitcoin address generator in private mode, turn off the Internet, create your wallet and save the received address, then close the browser and only now turn on the Internet. The absence of the Internet will not allow attackers to find out your password, and the private mode will prevent you from saving your data and forwarding it to hackers immediately after resuming communication.
When creating a password for a wallet, do not use well-known phrases and sayings, words from songs and books, any simple words and phrases. Remember, any information available on the Internet to you is also available to hackers.
Do not use your old passwords that you have ever used before. Hackers have billions of passwords from popular services and social networks. Even if you have never been hacked, there is a good chance that your old password is stored in a hacker database.
Your password must be unique. Add “salt” to the password – this will greatly complicate the hack. This can be information that only you know about, for example, your grandmother’s phone number, your dog’s nickname in Chinese, and your backup e-mail. Ideally, come up with your own system, how to create a complex password for others, but easy to remember for you.
Before you start using, check your address, there should be no transactions on it. Do not use a wallet that already had cash flows.
Before sending a large amount, send a small part of the funds to your new address, if your wallet is compromised, money will be debited instantly.
If you decide to replenish your old wallet, first check the balance! Many users continue to use hacked wallets for several months or even years.
Store your bitcoins in different wallets. This will protect your funds from accidental hacking.
And most importantly – during my tests, not a single bitcoin wallet was hurt! All the money was left with their owners. Even if you have the opportunity to take other people’s money, you should not do this, because you can be yourself in the place of the victim, and this is not very pleasant.
But if you still want to feel like a hacker and try to crack a Bitcoin wallet, I created a brain wallet specifically for this case and set a password. The secret phrase consists of four words in Russian. If you manage to pick up the password for my wallet, you can pick up the entire amount for yourself as a reward. I give a hint:
- first two words: Sergey Efimenko
- the second two words do not contain capital letters
- all words are separated by a space