Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

Lost Crypto Wallet? New Firm Promises Ethical, Transparent and Inexpensive Recovery

Praefortis is a new company pushing ethical and transparent recovery of lost or forgotten crypto wallet passwords.

Crypto wallet passwords

Losing a crypto wallet password means losing all access to the funds it contains.

On May 22, 2010, Laszlo Hanyecz bought two pizzas for 10,000 BTC. This was the first recorded bitcoin transaction and is famously known as the ‘Pizza Transaction’. Had he held on to his bitcoins, he would (at the time of writing), now have bitcoins to the value of nearly $382.5 million. It demonstrates the dramatic rise in the value of bitcoin.

If Hanyecz had kept his bitcoins, he would almost certainly be using a third party crypto wallet to store and safeguard his private key and to conduct transactions. There will be an unknown number of early investors now sitting on bitcoin wallets with similarly high value content, ultimately protected only by the wallet password. This password is usually user generated, albeit it sometimes with the assistance of the wallet manufacturer.

Wallets come in two flavors: software (hot storage) and hardware (cold storage). Most wallets are software for ease of use and simplicity of concept, but the principles apply to both.

As the value of bitcoin continues to rise and time passes, more and more investors will be thinking about cashing out and retiring. But passwords get lost and forgotten. Regardless of the value contained, a wallet with no password is the ultimate in frozen assets — practical value, zero.

This thinking is the basis of Praefortis — a new company founded in March 2024. Its purpose is the ethical and transparent recovery of lost or forgotten wallet passwords; and it takes a different approach to that common with other individuals or organizations. It does not take your wallet, find the password, extract a fee, and return the wallet minus the fee.

It likes to operate with law firms. The law firm effectively engages Praefortis on behalf of its clients and can therefore oversee ethical practice. In these cases, the law firm oversees the payment to Praefortis. The payment is 10% of the value contained, or $15,000, whichever is lower. It is a lower price structure than most alternatives. The maximum fee is $15k.

Praefortis was formed by two experts in different fields who have worked together for many years: Jim Carden (CEO), and Wesley Brandi (CTO).

Advertisement. Scroll to continue reading.

Carden is an investigator. “I’m not an IT guy,” he told SecurityWeek. “I’m not a cybersecurity guy. I’ve never been a CTO of anything. My initial training was as a police officer, and then I went into the FBI to different task forces and got more advanced training through them. I became a counterintelligence cyber agent with the OSI here in the US, and I went through training with the NSA and the OSI — all with the premise of cyber investigations.” 

He also became a computer forensics and digital evidence instructor with the High Tech Crime Institute Inc. (HTCI), While there, he served as a computer forensics and data exploitation instructor for the NATO Special Operations Forces (SOF) Training and Education Program (NSTEP), familiarizing SOF operators with the process of triaging and processing captured digital materials in support of targeting and evidence-based operations.

During this journey, he interacted with many law firms, regularly being retained as an expert witness where digital forensics was involved.

Brandi (Ph.D) is the tech guy, although also an investigator. After university (Pretoria, South Africa), he was recruited by Microsoft and moved to the US. While at Microsoft, “I was part of a small team of six developers responsible for the development and engineering side of the URL and Application Reputation Service behind Internet Explorer 10 and Windows 10,” he said. “Highlights in this team include the design and implementation of the enterprise client responsible for downloading significant portions of the Internet on a daily basis.”

It is the combination of these two skills — investigating digital forensics and top-level coding expertise — that form the basis of the Praefortis method for crypto wallet password recovery.

Carden, understandably, would not disclose the details of the Praefortis method, but he did tell SecurityWeek: “When you do an investigation into digital evidence in the cyber realm, you must investigate the whole corpus of data that surrounds your subject. So, yes, we investigate the hard drives, we investigate the cell phones, we investigate the thumb drives, the hardware wallets, the software wallets, and the human being all to the same level. And then it’s a combination of the information we gather, and our own custom tools developed by Brandi. Once we place that information into our tool sets, then that’s where we’re able to figure out what the original password was for the wallet.”

Trust is obviously essential when a customer allows this level of investigation into his or her personal digital paraphernalia – so potential customers should do their own investigation of Praefortis. (The theoretical danger is not that you could lose out in the transaction – you cannot, given the no-win-no-fee pricing basis – but that something untoward may be left behind on your systems.)

This is why the company places so much emphasis on trust and transparency. But the bottom line is that you must decide for yourself. If you have lost the password to a wallet that you think may contain bitcoin worth substantially more than $15,000, this new company may be worth exploring.

Related: FBI Finds 1,580 Bitcoin in Crypto Wallets Linked to North Korean Hackers

Related: ‘Nexus’ Android Trojan Targets 450 Financial Applications

Related: Report: Clipminer Botnet Operators Rake in $1.7 Million

Related: NFT Marketplace OpenSea Patches Flaw Potentially Leading to Cryptocurrency Theft

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

People on the Move

Former DoD CISO Jack Wilmer has been named CEO of defensive and offensive cyber solutions provider SIXGEN.

Certificate lifecycle management firm Sectigo has hired Jason Scott as its CISO.

The State of Vermont has appointed John Toney as the state’s new CISO.

More People On The Move

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

Compliance

The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Data Protection

While quantum-based attacks are still in the future, organizations must think about how to defend data in transit when encryption no longer works.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...