- In 2020, 127,426 BTC were stolen from the LuBian mining pool, valued at that time at $3.5 billion.
- As of today, the value of the stolen assets exceeds $14.5 billion.
- Arkham experts believe that the hack was due to a weakness in the generation of private keys.
Analysts from Arkham Intelligence reported the revelation of the largest Bitcoin theft in the history of the crypto industry. According to their data, in December 2020, 127,426 BTC were stolen from the Chinese mining pool LuBian. At the time of the incident, the loss amounted to approximately $3.5 billion, and now, at the current exchange rate, the value of the assets has already reached over $14.5 billion.
This is reported by Finway
Details of the Hacker Attack and LuBian’s Response
As Arkham specialists discovered, the hack occurred on December 28, 2020. The attacker managed to withdraw over 90% of all Bitcoins from the pool, while the administration only managed to transfer a remaining balance of 11,886 BTC to backup wallets. At the same time, information about the massive embezzlement was not officially disclosed by either LuBian’s management or the hackers themselves. Only now have the details of this unprecedented attack come to light.
At that time, LuBian was among the top 6 largest Bitcoin mining pools. On its official website, the pool positioned itself as “the safest high-yield pool in the world.” However, by February 2021, the service unexpectedly ceased operations. At that time, this was explained by regulatory intervention or a transition to a closed mode, but Arkham believes that the real reason was indeed the theft.
Reasons for the Hack and Consequences for the Industry
Arkham experts established that LuBian used a private key generation algorithm with a serious vulnerability that allowed for brute-force attacks. This was the main factor in the loss of funds. After the incident, the pool’s administration attempted to reach out to the hacker, sending over 1,516 messages through the OP_RETURN field and spending approximately 1.4 BTC on this.
“To the white hat hacker who saves our assets. Contact us to discuss the return and your reward,” read one of the messages.
However, as researchers note, no response was received from the attacker. As of now, the stolen Bitcoins remain inactive, leading to speculation: either the hacker has already been caught, or he is wary that moving the funds will trigger a large-scale investigation.
This theft set a new record in the crypto industry, surpassing even the Bybit exchange incident, where $1.5 billion was lost. Arkham emphasizes that the story of LuBian serves as a powerful warning for market participants about the necessity of strict adherence to security standards. Experts recommend using only reliable random number generators for creating private keys and implementing multi-layered protection systems when storing digital assets.
It is worth noting that according to the latest report from Hacken, in the first half of 2025 alone, the crypto industry suffered losses of $3.1 billion — already exceeding the total losses for the entire year of 2024.