Hacker Breaks Into a $2.24 Million Wallet and Now Claims a $60 Million Trezor Crack

Joe Grand’s $2.24 million wallet crack

The biggest confirmed recovery in part one of this “bulk hack series” is not a Trezor case, but a KeepKey wallet. The device held about $2.2 million, and it uses the Trezor model design that shares the same STM32F2 microcontroller family. Grand recovers the wallet and shows a final balance of roughly $2.24 million.

The KeepKey wallet hack is proof that the same physical-attack logic can travel across older wallet designs that rely on the same chip family.

The rest of the video keeps stacking hacks one after another. One divorce-related wallet that the owner thought was worth $800,000 turned out to hold $46,000. A grieving couple who had lost both the PIN and the paper backup recovered 2.025 BTC. Another owner learned his 1.89 BTC had already been moved out years earlier. In one of the darker segments, four separate 1 BTC wallets tied to the same friend setup were all shown empty on the same day in 2024, suggesting the real story was about betrayal.

If you need a hands on guide on why the seed phrase is the real crown jewel and the device itself is only one control layer, our guide to cryptographic keys and digital signatures is the cleaner starting point.

The $60 million Trezor claim is still only a teaser

Grand opens with a montage about wallets locked behind forgotten PINs and seed phrases, then describes “a wallet with a missing pin worth over $60 million guarded by armed security” before saying there is $75 million at stake if the predicted balances are real.

The released video does not show the $60 million wallet being opened, does not show the balance on screen, and does not identify the owner. Joe says he will show that in part two, which is scheduled for tomorrow, Thursday, March 19, 2026 at 7 a.m. PT.

Trezor now has a hardware-wallet PR problem

The technical nuance is important here. Grand is showing a physical attack on older hardware, not a remote compromise of current consumer wallets at scale. Kraken Security Labs documented the physical fault-injection angle years ago, and current Trezor documentation says Model One and Model T do not include a Secure Element, while newer Safe 3, Safe 5, and Safe 7 devices do.

Trezor also tells users that a passphrase adds another layer because it is not stored on the device itself, which is why the company’s passphrase guidance matters more after a video like this. But that is not how viral security narratives travel. Most people will not parse chip families, fault injection, or passphrase compartmentalization. They will hear a much simpler line: a hacker cracked old Trezor-style wallets over and over again on camera.

That is the PR nightmare. Even if the technical answer is “older models, physical possession, specialized equipment, and not every wallet,” the reputational headline collapses into “Trezor hack.” Self-custody companies have seen that gap before. In our Ledger breach coverage, the practical risk and the public takeaway also split in messy ways, and trust was still the asset that took the bigger hit.