Three ways to hack Bitcoin

A properly set up and used Bitcoin address is virtually impossible to hack. The vastness of possible private keys ensures that it is practically impossible to bruteforce one (or several) Bitcoin addresses. Humans are not machines, however, and humans do make mistakes.

Here, we will list a couple of disasters that have led to compromised private keys and resulted in Bitcoin theft. Consider this a list of how to not produce and use private keys. And maybe as a source of inspiration for finding other exploitable weaknesses when it comes to human handling of private keys.

A good private key should be perfectly random, and until we devise a machine that can output true randomness (if such a thing even exists), we are bound to rely on so-called pseudorandom functions to create private keys. Bitcoin wallet software uses pseudorandomness to create new keys, and until this day, it has worked out very well, which strongly suggests that these methods are good enough. In fact, there is not a single known collision in the history of Bitcoin, i.e. an accidental keypair generation that has led to person A being able to control peron B’s coins. In other words, when your wallet software or your script outputs a new keypair, looking up that the resulting public addresses have been used before is unnecessary and is typically never done.

There are thousands of articles describing the art of creating cryptographically safe private keys. You don’t have to read any of them. With a single line of code in Bash (“sudo apt-get install openssl” first, if necessary)

openssl rand -hex 32

you will produce a 64 character hexadecimal string (256 bits or 32 bytes, if you will) such as

7ed821b0cfa039a69d8403f8b93d5ca008e8c11f6bf9ee3e422854165519f56a

which can be used as an unbreakable private key. Our example is synonymous with these two private keys

5Jn9eY6hNux6Dct7w67b1587bNyxa8iBmouEDiPjurpf3uwXjvT
L1UHAgG9DiiA2hNdbja55KCQ6k2QHF2nYn1XM7hNQJuLwcKFBcDM

that, in turn, control these four public addresses

14z8XV5zRs1iHR4ScppvkjPaz34CLZcTRN
1DLdKSMvgh6C7QEvy8zYXSPp9DhYQGQrU4
35LbfTGPfUAqjsAAr6vsRa8ou5766xhzZH
bc1qsatm4dxhxe8a756xznh6c2p52cctxzqgwkx7lc

The point here is that there isn’t, and will likely never be, enough computational power in the universe to bruteforce these, so unless we hadn’t just written out the private keys, you could never have hacked these public addresses.

Now on to the title list, in order of appearance:

1. Google and the cloud

Until 2014 or so, it was fairly easy to find a decent amount of unencrypted Bitcoin Core wallet files that had unspent Bitcoin in them using a simple Google search phrase, such as “site:dropbox.com wallet.dat”. At the time, all Dropbox accounts came with a public folder, so that everything you put there was exposed to the web, and much of it was picked up and indexed by Google. People were sloppy (or just plain stupid?), and more than one person decided this folder was the perfect place to store a backup of their Bitcoin wallet in. Let us be redundantly clear: saving your wallet file in a public folder, unencrypted too, accessible in any browser, is a really bad idea.

It doesn’t matter that Bitcoin Core has always produced cryptographically safe keypairs, when users make them public online. For the record, another popular search phrase was “inurl:’index of’ wallet.dat”, which would take you to webpages under construction and lists of all files in certain folders. Typically, you never want to make your folder structures open on the web, and this was probably the result of misconfigured web servers.

Nevertheless, why some people decided to upload their wallet files to their webpages in the first place is still an unsolved mystery; we can just conclude that it happened a number of times.

By now in 2020, it seems that Google has finally decided to strike down on these ridiculously simple hacks, and to the best of our knowledge, such search phrases will no longer help you find wallet files. If you know of other search phrases, perhaps using other search engines than Google, that still work, please let us know! We would not be surprised if there still were wallet files to be found on the web that you could right-click and “save as.”

2. Bitcoin ATMs and social media

Bitcoin ATMs are fantastic and will hopefully make the average person more curious and less skeptical about Bitcoin. Since Bitcoin is a digital currency, what you get when you buy Bitcoin in an ATM is not a stack of bills, but rather a simple receipt containing – you guessed it – a private key, practically enough in the form of a QR-code.

Remember when teenagers could get VISA cards and when #MyFirstCreditCard was a thing on Instagram? Same thing here again. Some people are so proud that they just bought their first pieces of a Bitcoin and can’t wait to tell the world. This would be all good if it wasn’t for the fact that enthusiastic newcomers snap photos of their receipts, in which you can clearly see the QR code, and post them on Facebook and Twitter.

Here is one such example, image courtesy Twitter:

Bitcoin ATM receipt

Bitcoin ATM receipt

Let’s hope that is was the rightful owner who spent the coins from

5KENaH6zZfjrmhim96ygs657kVWTZ5b9AaS193XNhLUwByW2sKc
1EmoMxgGMr1KdYNQVzfs7u6YJYBoR2C3Nj

Unfortunately, this is far from the only example we are aware of. Take home message: Do not take photographs of your private keys, and if you do, don’t post them on social media unless you are asking to be robbed in a matter of minutes.

3. Brainwallets

Alright, the story goes something like this. Until 2015, there was a webpage called brainwallet.org, that took any password, calculated its SHA256 hash, and used that as the private key (and it was kind enough to print the corresponding public address). What’s so wrong with that? Using this method you can create keypair that you can easily regenerate – “store them in your brain.” Well, many things are wrong. Humans suck at choosing good and memorable passwords or passphrases. The human brain is terrible with what we call entropy. Tech researcher Ryan Castellucci and co-worker has a splendid talk about it, which we warmly recommend you to watch.

Even though one site ceased operations, the web is littered with similar services still (which we will not link to). Do not use brainwallets! Computers are good at entropy, humans suck, OK? Do not try and store private keys in your brain. We would even say that using a private key that is the hash of something known is a terrible idea.

We have played around with Ryan’s tool Brainflayer and come to the conclusion that people are still using such services or solutions to create keypairs.

One, out of more than 20,000, that we found ourselves is (we don’t think that it has been published elsewhere)

SHA256(“the crow flies at midnight”)
Kz7XDN9UJvpWEq2sVogcUYNeonG9FKxdyxrGfyUqNAKV8jfjcctB
15ytti5HgCvuBXmspJ89Qyfiuv9gNxLqaA

In summary, stay away from brainwallet. Let computers do the computing. Use safe private key generation, as in the beginning of this artkce and you are as safe as can be.

Other methods

Your turn! What else do we have? Of course, there are more attack vectors than these. A relatively recent scientific publication gives us additional leads. But there must be even more. Show us what you got!

One more thing!

Consider the donation address at the bottom of the page. We re-invest all contributions into new projects for btcleak.com. Help us create new content and remain ad-free forever. Thank you.

2 Replies to “Three ways to hack Bitcoin”

  1. Weak generated private keys can also be bruteforced using brainflayer/bitcrack. Some of the guys also using pollard rho to find private keys using public key (see bitcoin talk), of course you would need to know the correct range the keys reside for this to be effective.. also need the compute power to pull off such tasks.

    Reply

  2. By the way, if you want to use Python instead to produce a cryptographically safe private key (HEX), it can be done with two lines of code

    >>> import binascii, os
    >>> binascii.hexlify(os.urandom(32)).decode()
    ‘34914bbaded69c4583666a6a22fc39356307148347815c9efbb5bf6666704470’

    Reply

Leave a Reply

Your email address will not be published.