Losing access to your crypto wallet is hell. It’s like owning a car but not having its keys or having a house but not being able to enter. In some cases, crypto is gone for good, but in certain situations, your lost funds can still be recovered: crypto recovery services charge you a percentage-based fee if they succeed in restoring full access to your crypto wallet. How does crypto wallet recovery work? It uses various methods to recover access to the wallet, like a brute force attack, dictionary attacks, or specialized software that can help reconstruct and recover the lost data to gain access in case your backup file with the seed is accidentally deleted or corrupted. Brute force means trying out every possible combination of letters and words, and it is only possible if you remember parts of your seed phrase (to fill in the missing words). A dictionary attack means to run a script that attempts millions of password variations using common words, phrases, or variations. It's important to note that crypto that was sent to the wrong address and not be recovered by a crypto recovery service and is not accessible forever, meaning it's "burned". As you can see, there are multiple ways to lose the key to your crypto wallet. Let’s see how you can recover access to your wallet once disaster strikes.
How Does Wallet Recovery Work?
Wallet recovery is unlike your average password recovery process where you just click “reset password” and you’re good to go. some of these methods are like finding a needle in a haystack: they can be very technical or very experimental or even borderline unethical or illegal. If you are curious how does crypto wallet recovery work, here’s a breakdown of each method:
- Brute force attack. This is a method that tries every combination of words, letters, or numbers until the correct combination is found. This works best when you remember part of your password or key because it narrows down the number of combinations that need to be tried. You can use specialized software and feed it the bits you remember, and then it runs all possible options at a high speed. If you forget your seed phrase but remember parts of it, such tools can try all combinations to fill in the blanks. On the other hand, if you do not have a clue about the seed phrase, brute force attacks won’t work.
- Dictionary attack. Instead of running through every possible combo, this technique uses the most common passwords and variations until the correct password is found. This helps if you set a key that is easy to guess, like a birthdate or your pet’s name. Tools use public databases like rockyou.txt to scan common password compilations. This method only works for guessing the password to a non-custodial wallet and is completely useless for passphrase recoveries.
- Side channel attacks. If you send your cold wallet to the recovery company, this method can observe the device's physical parameters and electronically glitch it to bypass security measures like PIN codes and passwords. Techniques include measuring power outages, heat output of your device, or triggering faults to extract secured information. This is not recommended to do without a crypto recovery company, so don’t do it yourself at home just because you read a few threads on this. Naturally, this method is not useful for recovering passphrases stored elsewhere.
- AI & Machine Learning. Who would’ve guessed? You can use AI to crack your forgotten crypto wallet key. Using Long Short-Term Memory (LSTM) networks, the recovery company will predict and fill in the missing words in your seedphrase. This method is a bit fishy: providers claim that they use sample seed phrases to predict your missing word(s). Either way, recovery with AI is very much in its infancy, so you’d better triple check any company offering such recovery services.
We must note that if you need to try any of the above methods, make sure you trust the right experts with the task. At PlasBit we believe that having context is key to managing your way in the crypto world, so we highly recommend thinking (or reading) twice before jumping into crypto wallet recovery.
What Is The Cost Of Recovering Lost Bitcoin?
Okay, so you did your reading, understood how does crypto wallet recovery work, decided to recover your lost bitcoins, but still have the aching question: what is the cost of recovering lost Bitcoin? On average, it's 30% of your wallet value, depending on the type of wallet you have. It's important to use services that don't take upfront payments, because these are usually scams, but use services that charge a percentage from the funds after recovering access to the wallet. Naturally, there are multiple ways you can try to recover your lost assets:
- DIY: We highly do not recommend this option at PlasBit unless you have the expertise. Sure, it costs you nothing, but it can take up a lot of your time and your computer resources (which, eventually, costs you money). Seed brute-forcers like BTCrecover, passphrase permutation scripts, and dictionary generators are relatively low-effort methods you can try. Of course, you should always make sure you know what you are doing and understand that the responsibility is on you if anything goes South.
- Recovery services: These can take many shapes and forms. Researching recovery services before committing any cash is key. Once you’re settled, these providers can charge you a few hundred bucks to even thousands or ask for a success-based fee, which can range between 10-30%. The exact price is always subject to the recovery service provider’s own pricing model, the value of your lost assets, and the complexity of the recovery.
- Side channel recovery: If you lost your passphrase or PIN to your Trezor, Ledger, or other crypto wallet, you can ask a specialist to perform a chip-level attack. The chance of success varies, and you usually have to pay in advance as these experts operate with expensive setups. Typical prices range between $5,000 to as high as $25,000, but some will ask for a percentage of your lost assets.
As you can see, the cost of recovery is not cheap, and the guarantee of success is not part of the bargain.
Why Do People Lose Access To Their Wallets?
Just like in the case of recovering your access to your crypto wallet, losing it in the first place can happen in a multitude of ways.
The most common mistake is a human one: this is when you simply forget your wallet passwords or seed phrases. You perhaps scribbled it on a piece of paper that you threw away by mistake or just trusted your memory when creating the most intricate passwords only to forget it in a few days. Although this is very common with all kinds of passwords, rooting out human error is not that simple. Using a mnemonic device to help you recall a password can get you out of trouble, though.
Next up is physical damage to your cold storage devices or seed phrase metal storage. You can leave your ledger out in the sun or just splash some water on it by accident, or forget your seed phrase metal storage in a humid environment, a fire, or under great physical pressure, causing great damage and making it completely useless. So, always keep your ledger and metal seed phrase protected and away from the elements: you can simply find a good spot for it at home or buy a fire/waterproof safe for it. Another tip is to always have a backup device just in case your primary one breaks down.
Using a “ledgehammer” to crack the code open
The third reason why people might lose access to their wallets is yet another human error. Some folks may accidentally delete wallets, disposing of old hard drives with wallet information on them. The result? That one guy in Wales who accidentally ditched a hard drive containing over $1 billion worth of BTC. He tried to search an entire landfill, but the court ruled against him and didn’t let him access the area, so now he has probably lost his fortune for good. Again, backup drives can safeguard against such complacency.
The Docksway Landfill site in Newport, Wales. Somewhere in there there’s a HDD worth $1 billion
To wrap up, there’s one more mistake we tend to make, which is burning cryptocurrency. It means permanently removing tokens from circulation by sending them to an address no one can access. This can happen either by accident or deliberately - either way, the result is the same: your crypto is lost forever. To avoid burning crypto, make sure to double check the address before sending and that the receiver also has a private key.
Losing Access to $600 Million
We all know a few examples that illustrate how forgetfulness prevented someone from getting filthy rich. Back in 2011, Stefan Thomas, a German programmer, made a short video explaining cryptocurrencies. He received 7,002 Bitcoins, which were worth a few dollars at the time. Not thinking too much about it, he stored his funds on a secure USB stick called IronKey. As it happens, Thomas forgot his password, and to make things even more like a Mission: Impossible plot, after botching eight attempts, he’s now left with only two tries before being permanently locked out.
The man who lost access to over half a billion USD: Stefan Thomas
Thomas really went the extra mile with those eight tries: he hired cryptography experts and even tried hypnosis, all to no avail. Despite still not having access to his fortune, Thomas continues to be an influential figure in the crypto community: he is working on new business models for utilities and energy services while showing how blockchain can improve transparency and efficiency. Not all stories of lost wallet keys have a sad ending. How about this crypto wallet recovery expert who actually found a client’s forgotten password? Here’s a rundown of how (fast) he did it:
Wednesday 8:55 PM: Our hero receives a request regarding the recovery of a lost Bitcoin Core Wallet password.
Thursday 3:44 PM: The client turns out to be a NYC trader who lost access to a small fortune in 2017 (the story takes place in 2021).
Thursday 10:50 PM: The client pens a contact with our hero and quickly locates the wallet.
Thursday 11:15 PM: The client provides a list of words with typos and various stylization (capitalized, space usage, etc.).
Thursday 11:35 PM: The expert writes a small Python code to run all sorts of combinations. The client suggests that it’s probably a combination of 6-8 words.
Thursday 11:37 PM: The script finds the password just 2 minutes after running the code. Our hero transfers the funds to an address accessible by the owner and takes some of the total sum for himself as the fee for these services.
As you can see, this story utilized a brute force attack combined with the coding skills (and computing power) of an expert - yet another sign that if you ever find yourself in a similar situation, you might want to hire a professional instead of doing it by yourself.
Crypto Recovery Company Fee: Full Provider Breakdown
If you don’t want to hire a lone wolf, you can try your luck with a crypto recovery company specializing in typical wallet recovery cases. The average crypto recovery company fee is 30% of your wallet's value on average, depending on the type of wallet you have. Recovering crypto from cold wallets is usually more expensive and takes more time than recovering hot wallets, and the fee also depends on the amount of crypto you hold. Recovering hot wallets is a bit cheaper and costs 20% of your wallet's assets on average because they are easier to access using recovery tools, and usually, they have built-in recovery methods as well. It's important to use services that don't take upfront payments, because these are usually scams, but use services that charge you after recovering your wallet.
We hand-picked the most renowned and trustworthy crypto recovery companies to help you choose the right one for your recovery attempt:
You’ll find many other providers out there who know how does crypto wallet recovery work. Our general advice here at PlasBit is to always do your research: check for trusted reviews, specializations, fees, and make sure that whoever tries cracking up the code protecting your wallet is on your side.
How not to protect your steel crypto wallet: smashed, burned, and bent beyond recognition
Are Crypto Recovery Services a Scam?
In the world of crypto, scams are commonplace. It’s no wonder you may doubt any provider who may be able to access your crypto wallets. So, are crypto recovery services a scam? No, they are not, but many scammers are selling "fake recovery services" that damage the crypto recovery industry's reputation. To understand if the company is legitimate, you need to avoid companies that ask for a down payment and make sure the payment is made only after a successful recovery. Also, you should look up online reviews on websites like Trustpilot and avoid companies with bad reviews also from companies that promise that they can hack any wallet or guarantee they can recover your seed phrase, this should raise a red flag regarding their intentions.
Although there haven’t been any high-profile recovery scams, we picked a few to show you they are very much a possibility:
- Police Scotland warns crypto traders that some scammers may fool people twice: first when trading with crypto, and the second time when the scammed tries to get back their lost assets.
- The Sun reports that three in ten scam victims are scammed at least once more. They quote research done by National Fraud Helpline solicitors that claims that out of 250 fraud victims, 74 are frauded once again.
- An excellent paper on Arxiv shows how scammers pose as experts on social media, only to offer technical help and eventually get away with the money.
If you want to dive deep, the Department of Financial Protection & Innovation in California even has a tracker that lists all the known (and super intricate) crypto scams.
What Is The Cost Of Hiring a Crypto Recovery Company?
If you did your research and finally picked the right provider who knows how does crypto wallet recovery work, there’s only one more question left to answer. What is the cost of hiring a crypto recovery company? It costs 30% of the wallet's assets on average, and 20% if it's a hot wallet. It's important to note that companies that recover crypto can only recover wallets with lost passwords or keys, and not crypto that was sent to a wrong address because it's inaccessible or "burned". Of course, the answer can be a bit nuanced and depends on the company. Some will charge you a percentage based on the wallet value, while others will set a flat price for their services. You’ll find some companies providing their help only with upfront payment, but at PlasBit, we think that this is a shady practice, so you should roll with providers who only ask for a fee if they succeed in recovering your wallet. Also note that your custom quote is influenced by many factors: wallet type (hardware/software), type of loss (lost password, broken or lost device, corrupted files), data you can provide, and the wallet value itself. For instance, if you have a MetaMask wallet containing 1,000 ETH and you don’t remember your seed phrase, you might face a hefty price tag.
Wrapping Things Up
People forget their credentials every day, and crypto is no exception. It’s only natural that dozens of providers race for clients: cracking a long-lost vault open promises massive returns for the company and the owner as well. If you find yourself in a situation like this, just make sure you check up on the provider and learn as much as possible about their background. This should rule out the possibility of fraud, and, with some luck, you might even recover access to your crypto wallet.
