There are many forms to create a Bitcoin wallet. One of the first methods to create a Bitcoin wallet was known as BrainWallet .BrainWallet
convenient in the sense that it allows you to store in memory or in a notebook ” passphrase “ . The passphrase is hashed using an algorithm SHA-256
, and is used as the seed to generate the private key .
Due to their popularity and ease of use, many
BrainWallet
over the past few years have been used with weak passphrases.
This weak private key generation method allowed attackers to steal quite a lot of coins BTC
by simply cracking the password against the hashes stored on the blockchain. Although this attack has been known for many years, it has become widely known в 2015 году
thanks to the work done by Ryan Castellucci
August 7, 2015
Ryan Castellucci spoke at DEFCON23 about cracking BrainWallet passwords . Although passphrases had been in BrainWallet
use for many years by this point, the conversation helped bring these issues to the wider public.
Document [ PDF] : Cracking Cryptocurrency Brainwallets Ryan Castellucci
Ryan has published the results of his work on hacking
BrainWallet
in conjunction with a tool called theBrainFlayer
Proven Cryptocurrency Wallet CrackerBrainWallet
) and other low-entropy algorithms.
GPU ACCELERATION
At the moment пробный cracker
, Ryan’s brainflayer has been upgraded into various software, utilities, scripts, and the like , but a graphics accelerator has still been created to support the GPUBrainWallet
runtime . These accelerators are called TeslaBrainWallet , after the family of NVIDIA® Tesla® V100 computing systems .
Phishing
Many Bitcoin advocates often cite BrainWallet
as a good method of protecting funds from possible confiscation, but unfortunately there are many pitfalls for Bitcoin клиента Electrum
.
Although it
Electrum
supports all popular hardware wallets (for example,Trezor
,Ledger
etc.) Up to installing third-party plugins to expand the functionality of the wallet, but if you install an old version of the Bitcoin wallet, you may run the risk of losing all cryptocurrency coins in the wallet.
This trap is popular under the word "фишинг"
. There are a lot of sad stories in the crypto community. One of the biggest losses from phishing in the amount 1400 BTC (16 миллионов долларов США)
According to the crypto industry portal “CryptoPotato”
An anonymous bitcoin investor by name
«1400BitcoinStolen»
claimed on Sunday that he lost1400 BTC
after “stupidly” installing an old version of the popular walletElectrum
, but it turned out to be a phishing scam .Trap:
Explaining the unpleasant incident, the victim said that he could not access the funds
с 2017 года
. After setting up the wallet and trying to transfer1 BTC
, he received a pop-up message asking him to update his security system before he could transfer. Unfortunately it was a trap – a phishing attempt . According to the victim, he installed the update , and all his funds were automatically transferred to the hackers’ wallet address, which made the scammers richerна 16 миллионов долларов США
.
How to avoid becoming a victim of phishing?
In our early posts, we strongly recommend to everyone:
- use only proven software;
- see the source code;
- do the assembly yourself;
- do an update;
Weak passphrases
Let’s move on to the experimental part:
Open [TerminalGoogleColab] .
Let’s use the “13TeslaBrainWallet” repository .
git clone https://github.com/demining/CryptoDeepTools.git
cd CryptoDeepTools/13TeslaBrainWallet/
ls
Install pip2 for Python 2.7
(because from September 20, 2022 Google Colab
does not use "pip2"
the default for "Python 2.7"
)
sudo apt install python2-minimal
wget https://bootstrap.pypa.io/pip/2.7/get-pip.py
sudo python2 get-pip.py
Install the ECDSA cryptographic signature library
pip2 install ecdsa
Run Python script: teslaBTC.py
History of weak passphrases with a positive balance of BTC coins
Let’s open bitaddress and check:
python2 teslaBTC.py "arretonprimaryschool"
Pass phrase: arretonprimaryschool
Private key: 0e57a34ee4cf2242bc331494981aa896e803c598cc4a0f890b2e85d6acb85f29
Bitcoin address: 16jLdtAxgXVwcG93MyPcNALXMCv3D6dyDB
python2 teslaBTC.py "correct horse battery staple"
Pass phrase: correct horse battery staple
Private key: c4bbcb1fbec99d65bf59d85c8cb62ee2db963f0fe106f483d9afa73bd4e39a8a
Bitcoin address U: 1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T
Bitcoin address C: 1C7zdTfnkzmr13HfA2vNm5SJYRK6nEKyq8
python2 teslaBTC.py "This is the way the world ends."
Pass phrase: This is the way the world ends.
Private key: 1bad2815705c693b4df94badf0f757c601d841bff62c40f9546432034a4c29b7
Bitcoin address: 1DnqpnCFiXqMhvRfdRzPcRao7yxyoeXgjf
python2 teslaBTC.py "The quick brown fox jumps over the lazy dog"
Pass phrase: The quick brown fox jumps over the lazy dog
Private key: d7a8fbb307d7809469ca9abcb0082e4f8d5651e46d3cdb762d02d0bf37c9e592
Bitcoin address: 13w4Hn1BJQM4bjZZgYtXpyp4cioiw29tKj
python2 teslaBTC.py "just let the lovin take ahold"
Pass phrase: just let the lovin take ahold
Private key: 5e6fa5565782e85f3e305c422388e687e4fc8c2e7c572748f57ff7a4d6ff736a
Bitcoin address: 1H6nTPQ8wqdQ3QFrGc1qy9r63acpTAkwvc
python2 teslaBTC.py "en un lugar de la mancha"
Pass phrase: en un lugar de la mancha
Private key: e9f852cd97283461e254da265a27d2bda07f245cb5f8a6ee622355fcec63eb8c
Bitcoin address: 1Gwd5BQCDsFrEvokGkto945smazwEMKqdo
python2 teslaBTC.py "The quick brown fox jumped over the lazy dog."
Pass phrase: The quick brown fox jumped over the lazy dog.
Private key: 68b1282b91de2c054c36629cb8dd447f12f096d3e3c587978dc2248444633483
Bitcoin address: 1E2Wgex1ZGfZ9gb4MBubJJ5bnABkk2pbZf
python2 teslaBTC.py "Thats what she said 1974"
Pass phrase: Thats what she said 1974
Private key: 0e3630f0f829d93afd8569f7c50aaced3d930353db8468d8c42b58d7f5ce1fdb
Bitcoin address: 113W1qXf6DsJFtqMnR53tqvLrVfjkjR7g5
python2 teslaBTC.py "lorem ipsum dolor sit amet"
Pass phrase: lorem ipsum dolor sit amet
Private key: 2f8586076db2559d3e72a43c4ae8a1f5957abb23ca4a1f46e380dd640536eedb
Bitcoin address: 1KRGyNbq2yM1vAXscib74Snp6AUuUHVi2g
Literature:
This video was created for the CRYPTO DEEP TECH portal to ensure the financial security of data and cryptography on elliptic curves secp256k1
against weak signatures ECDSA
in cryptocurrency BITCOIN
Telegram : https://t.me/cryptodeeptech
Video: https://youtu.be/r0fTtBDWTnw
Source: https://cryptodeeptools.ru/tesla-brainwallet