News

Defcon Hacking Conference: Casascius physical Bitcoins get cracked

By Maria Santos

Last Updated: Jan 2, 2018

Ten minutes. That’s how much time it took for the Defcon researchers Stits and Datagram to break the system of a Casascius Bitcoin for the first time. However, at the conference, the experts said that with a little practice they could recover the private key of a Casascius unit in just one or two minutes.

For the people that still don’t know what the Casascius are, these physical Bitcoins have a little card embedded inside, which contains a digital currency wallet linked to an account with the same value as the one engraved in the coin. The devices are protected by a layer of holograms and an 8-digit code and it was supposed to be very difficult to tamper with one of these, but this year’s Defcon conference showed the contrary.

Want to know how Stits and Datagram did it? Take a look.

Step 1

20130803_135932

First, they used a hypodermic needle to inject tiny amounts of a “non-polar solvent” (the name the researchers gave to the substance used without disclosing its real name) between the holographic security sticker and the coin itself.

Step 2

20130803_135941

After the solvent almost dissolved the adhesive, they peeled back the holographic foil and gained easy access to the private key beneath it.

Step 3

20130803_140138

Then, they quickly replaced the sticker and a new adhesive was placed. In the end, the “new” coin only had an almost invisible mark where the needle was initially inserted.

After the demonstration, the researchers suggested some safety improvements that could benefit the Casascius coins: multiple layers of holo foil, scored stickers or even melting the edges of the plastic and brass together were some of the advices Stits and Datagram gave to the Casascius’ team.

Next challenge for the researchers? Try the same in the more expensive coins.

Via codinginmysleep.com

Disclaimer Icon

Disclaimer
Crypto is a high-risk asset class. This article is provided for informational purposes and does not constitute investment advice. You could lose all of your capital.
99Bitcoins may receive advertising commissions for visits to a suggested operator through our affiliate links, at no added cost to you. All our recommendations follow a thorough review process.

In This Article

Free Bitcoin Crash Course

  • Enjoyed by over 100,000 students.
  • One email a day, 7 days in a row.
  • Short and educational, guaranteed!

Why you can trust 99Bitcoins

10+ Years

Established in 2013, 99Bitcoin’s team members have been crypto experts since Bitcoin’s Early days.

90hr+

Weekly Research

100k+

Monthly readers

50+

Expert contributors

2000+

Crypto Projects Reviewed

Google News Icon
Follow 99Bitcoins on your Google News Feed
Get the latest updates, trends, and insights delivered straight to your fingertips. Subscribe now!
Subscribe now
Maria Santos
Maria Santos
Crypto Writer

Maria is an experienced journalist currently living in the UK. She has been writing about Bitcoin and the altcoin universe since 2013. She is also a member of the Lifeboat Foundation's New Money Systems Board and a big cryptocurrency supporter. Read More

Back to top