StealMyWallet.com Proves Good Encryption Keeps Bitcoin Wallets Safe

Journalist:
January 5, 2015

StealMyWallet.com allows users to download the website owner’s Bitcoin wallet which holds their “life savings.” The download is a wallet.dat file which Bitcoiners can put into their Bitcoin client. The Bitcoin address currently contains over 10.6, or $2,800. You’re probably wondering, Why would anyone give away a wallet holding so much money? It’s because the wallet is encrypted, and cannot be opened without entering its passphrase.

Also read: NSA is Working on an Encryption-Cracking Quantum Computer

Can You StealMyWallet?

Bitcoiners have contributed a few bits to the StealMyBitcoin.com address, further encouraging people to attempt to crack it. Screenshot from Blockchain.info.

In order to gain access to the wallet and spend bitcoins from it, someone needs to enter the wallet’s password, which is unknown. An excellent password, containing uppercase and lowercase letters, numbers, and special characters, with many characters, could take ten trillion billion years for one million of the world’s most powerful computers working together to crack. We don’t know how secure StealMyWallet.com’s wallet password is, but it appears that no one has cracked it yet, as its bitcoins haven’t moved. I tried to crack it just for the hell of it, using Blockchain.info’s import wallet backup feature, and guessing passwords such as “123”, “hello”, and “password123”, none of which worked. A much more practical approach to cracking it would be using brute force methods– checking each and every possible password, starting with (for example) 0, then 1, then 2, and so on. However, with a secure password, as stated above, this could still take millions of years.

Some Bitcoiners have expressed concern that the wallet.dat file contains malware which will attempt to steal your bitcoins, and advise people to be cautious when downloading the file. According to StealMyWallet.com, the wallet.dat file has been downloaded 1,695 times. This isn’t the first time someone has created a challenge like this– in the past, a few contests have been run encouraging users to crack BIP38-encrypted private keys, such as a 4-character BIP38 key posted on reddit 10 months ago (still not solved!), and a 5-letter BIP38 key posted on BitcoinTalk that took two days to crack. These contests provide a fun space for Bitcoiners to work together on a problem and friendly competition to test different security aspects of Bitcoin.

Neither Jonathan Saewitz nor CryptoCoinsNews is responsible for anything you download; do so at your own risk. Bitcoin address information screenshot from Blockchain.info.

Images from Shutterstock.

Tags: encryption
Jonathan Saewitz @SuperCryptoGuy

I am a teenager in high school who is very interested in digital currencies. I enjoy researching Bitcoin and other digital currencies, but my favorite crypto is Dogecoin. Please feel free to email me at jonathansaewitz@gmail.com.