Hackers Finally Break IronKey S200 USB Drive and Could Soon Unlock $238 Million in Bitcoin

A team of talented hackers have managed to break the IronKey S200 portable USB drive, a feat that could make one player in the crypto market $238 million richer.

Wired this week shares the incredible story of a team of engineers in Seattle who found a way to bypass the 10-password-guess threshold of the IronKey S200 – a tamper-resistant USB flash drive used by military and intelligence agencies for classified information.

Although more than a decade old, the technology is thought to still be in use by government agencies. One such drive is also owned by an entrepreneur going by the name of Stefan Thomas. He notoriously has two more password guesses before the 7,000 Bitcoins locked on his old drive get erased. With a single Bitcoin priced at $34,000 today, Thomas is sitting on an eye-watering $238 million.

Using an IronKey S200 test unit supplied by Wired, the team at Unciphered worked intensively for 8 months until they finally managed to beat the 10-guess threshold.

While the team wasn’t willing to share their method entirely, they did confirm they did a bit of physical “surgery” to pry open the drive and unlock its secrets, using massive computing power, and taking some 200 trillion guesses before finally unlocking the passcode.

From Wired’s story:

“To fully reverse engineer the device, Unciphered scanned an IronKey with a CT scanner, then began the elaborate surgery necessary to deconstruct it. Using a precise laser cutting tool, they carved out the Atmel chip that serves as the USB stick's ‘secure enclave’ holding its cryptographic secrets. They bathed that chip in nitric acid to ‘decap’ it, removing the layers of epoxy designed to prevent tampering. They then began to polish down the chip, layer by layer, with an abrasive silica solution and a tiny spinning felt pad, removing a fraction of a micron of material from its surface at a time, taking photos of each layer with either optical microscopes or scanning electron microscopes, and repeating the process until they could build a full 3D model of the processor.”

One of the team’s members, who asked to remain anonymous because of the work with secret hacking techniques and large sums of crypto, said their main incentive to break the S200 was precisely Stefan Thomas’s story.

Unfortunately, Thomas is in no rush to enlist Unciphered for help. According to the report, he already has a deal with two other teams of hackers and remains committed to giving them more time to work on the problem before he brings in anyone else. Plus, he reportedly already has “more riches than he knows what to do with,” from other crypto ventures.