Blockchain intelligence firm Arkham has disclosed that 127,426 $BTC , worth nearly $14.5 billion today, was quietly stolen from Chinese mining pool LuBian in late 2020. The heist, which had remained hidden from the public for almost four years, now ranks among the largest crypto thefts in history by current valuation.
👉In Brief
Arkham Intelligence revealed that 127,426 BTC were stolen from Chinese mining pool LuBian in December 2020, making it one of the largest crypto thefts ever by value.
The attacker may have exploited a flaw in LuBian’s private key generation algorithm, allowing for a brute-force breach.
Despite the magnitude, the hack remained unknown until now. None of the stolen BTC has moved since July 2024, and LuBian has tried contacting the hacker via OP_RETURN messages.
💥Mysterious disappearance explained
LuBian emerged in April 2020, branding itself as “the safest high-yielding mining pool in the world.” Within months, it became the sixth-largest Bitcoin mining pool globally. But by February 2021, the platform vanished without warning. While many speculated that Chinese government pressure or an internal pivot had triggered the shutdown, Arkham’s findings point to a far more dramatic cause: a catastrophic hack.
According to Arkham, LuBian was first compromised on December 28, 2020, when over 90% of its Bitcoin holdings were drained. The next day, an additional $6 million in BTC and USDT was stolen from a LuBian wallet on Bitcoin’s Omni layer. At the time, the entire haul was worth about $3.5 billion, still more than any other single theft to date.
💥How the exploit may have happened
Arkham researchers believe the attacker exploited a vulnerability in the algorithm LuBian used to generate private keys, making them susceptible to brute-force attacks. The analytics platform wrote:
It appears that LuBian was using an algorithm to generate its private keys that was susceptible to brute-force attacks.
Despite the theft, LuBian managed to preserve 11,886 BTC, currently worth about $1.35 billion, which it still controls.
What’s more surprising: the attacker has not moved any of the stolen Bitcoin since July 2024, suggesting either fear of being tracked or plans for a more covert liquidation strategy.
💥A plea through the blockchain
LuBian reached out directly to the attacker via Bitcoin’s OP_RETURN field, a method that embeds small messages into blockchain transactions. In two messages, the company appealed:
To the whitehat who is saving our asset, you can contact us… to discuss the return of asset and your reward.
This implies LuBian initially hoped the attacker may have been an ethical hacker willing to negotiate. So far, there’s been no public indication of any returned funds.
🚀🚀🚀 FOLLOW BE_MASTER BUY_SMART 💰💰💰
Appreciate the work. 😍 Thank You. 👍 FOLLOW BeMaster BuySmart 🚀 TO FIND OUT MORE $$$$$ 🤩 BE MASTER BUY SMART 💰🤩
🚀🚀🚀 NOT JUST LIKE BUT, CLICK FOLLOW BE MASTER BUY SMART - Thank You.
