2020, which equates to approximately $14.5 billion today. This incident
represents the largest confirmed cryptocurrency theft to date. (Image courtesy of
Michael Fortsch, Unsplash)
A cybersecurity incident at LuBian, a now-defunct Chinese Bitcoin mining operation, has
come to light thanks to analysis by
Arkham Intelligence. The digital sleuthing uncovered that a hack in December 2020 resulted in the loss of
127,426 Bitcoins. At the time, this amounted to $3.5 billion, but with Bitcoin’s surge in
value, it’s now worth around $14.5 billion. LuBian briefly held a significant position in
the Bitcoin mining landscape, controlling about six percent of the total network hash rate
around mid-2020 before its sudden disappearance from the public sphere in 2021.
Blockchain forensic data suggests that the primary security breach occurred on December 28,
2020. During this event, over 90% of LuBian’s total holdings disappeared in a single, large
transaction. The following day, the perpetrators made off with an additional $6 million
worth of Bitcoin and USDT from a LuBian-controlled address on the Bitcoin Omni layer.
Subsequently, LuBian quickly transferred its remaining digital assets to recovery wallets on
December 31st.
Arkham’s in-depth investigation indicates that the most probable entry point for the attack
was a flawed and easily compromised key-generation system. Reports suggest LuBian utilized a
mere 32 bits of entropy, a security level that could be bypassed relatively quickly using
standard gaming hardware through a brute-force attack.
It appears LuBian was aware of the compromise. Evidence suggests the pool spent 1.4 bitcoins
to send over 1,500 OP_RETURN messages, essentially digital pleas, to the attacker, imploring
them to return the stolen assets. These actions strongly suggest the messages were sent by
LuBian’s legitimate operators rather than an impersonator attempting to capitalize on the
situation.
Since the initial theft, neither party has moved their assets significantly. LuBian retains
control of its remaining 11,886 Bitcoins, currently valued at approximately $1.35 billion.
The attacker’s last activity involved consolidating funds into various wallets in July 2024.
Based on current valuations, the stolen Bitcoin holdings would rank the attacker 13th among
the largest known Bitcoin holders according to Arkham Intelligence, placing them just above
the individual responsible for the Mt. Gox hack.
I’m a tech geek at heart, and it all started back in middle school. I’ve always loved messing around with gadgets—rooting Android phones and jailbreaking iPhones was my thing. I’ve definitely bricked a few phones along the way, but that never stopped me from trying. For over a decade, I’ve been glued to tech news, always trying to keep up with the latest and greatest. But I’m not just about tech; I’m also really into cars and love following what’s new in the automotive world. Oh, and I should mention that I also worked as a freelance writer. I can’t name-drop the companies I wrote for (you know how it is), but it was a pretty cool experience. I switch between reading, gaming, and keeping up with all the tech and car stuff in my downtime. It’s a mix that keeps things interesting and fun for me.