Arkham Intelligence discovered a theft of 14.5 billion USD from LuBian, which could be the largest cryptocurrency theft at the time it occurred.
Arkham Intelligence has revealed a previously unreported large-scale Bitcoin theft, where 127,426 BTC worth currently 14.5 billion USD was seized from the Chinese mining pool LuBian in December 2020. According to this blockchain analysis platform, this could be the largest cryptocurrency theft in value at the time it occurred, with 3.5 billion USD worth of Bitcoin stolen at that time.
Compared to the Mt. Gox exchange which lost about 744,000 BTC throughout its operation, the price of Bitcoin at the time Mt. Gox collapsed only amounted to hundreds of millions USD, not billions like in the LuBian case. This makes the LuBian hack one of the largest financial losses in the history of cryptocurrency.
LuBian appeared suddenly at the end of April 2020 and quickly grew to become the 6th largest mining pool on the Bitcoin network at one point. The message in Chinese on their website once claimed this was the “safest and most profitable mining pool in the world.” However, by February 2021, LuBian disappeared abruptly, leading cryptocurrency asset investors to speculate that the mining pool may have been forced to shut down by the Chinese government or transitioned to operate privately.
Large-scale attack and security vulnerability
According to Arkham's report, LuBian was essentially the victim of a large-scale cyber attack that led to a significant portion of their reserves being stolen. “It seems they were hacked for the first time on December 28, 2020, losing over 90% of the BTC they held,” Arkham wrote in the report. Shortly thereafter, on December 29, approximately 6 million USD worth of Bitcoin and USDT was further stolen from an address belonging to LuBian on the Bitcoin Omni Layer.
Arkham believes the cause may lie in LuBian's private key generation algorithm. “It appears that LuBian used a private key generation algorithm vulnerable to brute-force attacks,” this analysis platform noted. Nevertheless, LuBian still retains 11,886 BTC worth 1.35 billion USD that has not been stolen and continues to hold this amount to date.
One notable point is that the suspect has not moved any Bitcoin since July 2024. LuBian has sent several messages to the attack addresses via the OP_RETURN field on Bitcoin transactions, stating: “To the white hats who are helping to protect our assets, you can contact us to discuss the return of assets and your reward.”
This message came with an email address, but it is currently unclear whether the hacker responded. Arkham has also not made an official comment when asked for a response by The Block. This incident once again highlights the importance of security in the cryptocurrency mining industry and the potential risks that large mining pools face.
