Bitcoin

Arkham Uncovers $14.5B Bitcoin Theft From LuBian Mining Pool in 2020

2 weeks ago
Bitcoin Ethereum News

Key Insights:

  • 127,426 BTC stolen from LuBian in December 2020, Arkham reports
  • Hack attributed to weak private key generation vulnerable to brute-force attacks
  • Stolen BTC remains largely untouched, ranking hacker as 13th largest BTC holder

Blockchain analytics firm Arkham Intelligence has revealed details of what it calls the largest Bitcoin theft in history. The firm alleges that 127,426 BTC was stolen from the Chinese-based LuBian Mining Pool in late December 2020. At the time, the stolen assets were worth $3.5 billion and are now valued at $14.5 billion.

LuBian was among the top global mining pools in 2020, controlling nearly 6% of Bitcoin’s hash rate. Arkham’s analysis shows that more than 90% of LuBian’s BTC reserves were drained on December 28, 2020. Two days later, another $6 million in BTC and USDT was taken from a related address on the Bitcoin Omni layer.

AD 4nXdpPdwtpPKwuX6umZp5BhM7FCpNumga1y6PKdyxrv7umsetOpnX4I8frOmOEkslgZ5oazuQoi0j31Ho5SW684WYB1ck Dff7K4tdAPlmdPe01TmFVf s
Source : X

The remaining 11,886 BTC was moved into recovery wallets by the end of December 2020. This portion, currently worth about $1.35 billion, remains under LuBian’s control. However, the mining pool disappeared from public operations in February 2021.

Dormant Funds and Suspected Exploit Method

Arkham attributes the breach to weak private key generation, possibly due to flawed algorithms susceptible to brute-force attacks. A related report linked the weakness to Trust Wallet code using 32-bit entropy, previously targeted in large-scale wallet compromises. These vulnerabilities highlight the security limitations in early mining infrastructure.

On-chain records reveal LuBian used the Bitcoin OP_RETURN feature to send over 1,500 messages to the suspected hacker. The pool spent 1.4 BTC on these transactions, urging the return of stolen funds and offering potential rewards. Arkham states that the authenticity of these messages suggests they came from the legitimate wallet owner.

The stolen BTC has remained largely dormant, with the last significant movement occurring in July 2024 during wallet consolidation. Arkham’s tracking shows the hacker’s address now ranks as the 13th largest Bitcoin holder, surpassing wallets tied to the Mt. Gox breach. Neither the hacker nor LuBian has made any public statements regarding the theft.

Arkham has published wallet trackers for both the hacker and LuBian, but the identities involved remain unknown.

DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Source: https://coincu.com/news/arkham-uncovers-14-5b-bitcoin-theft-from/