Arkham Says $3.5B LuBian Bitcoin Theft Went Undetected for Nearly Five Years

3 hours ago 2

A crypto wallet tied to a little-known Chinese mining pool may have been the victim of the largest bitcoin theft ever recorded, according to new findings from Arkham Intelligence.

In an Aug. 2 thread on X, the onchain analytics firm said it had uncovered evidence that 127,426 BTC — worth $3.5 billion at the time — was stolen from LuBian Mining Pool in late December 2020. Neither LuBian nor the suspected hacker has ever publicly acknowledged the breach, and Arkham said it is the first to report the incident.

LuBian was one of the largest bitcoin mining pools globally in 2020, reportedly controlling nearly 6% of Bitcoin’s total hash rate as of May that year. The hack, if confirmed, would eclipse the scale of other high-profile exploits like Mt. Gox and Bitfinex by nominal value at the time of loss.

Arkham's analysis indicates that on Dec. 28, 2020, more than 90% of LuBian’s BTC holdings were drained. Two days later, another theft involving about $6 million worth of BTC and USDT occurred, linked to a LuBian address operating on the Bitcoin Omni layer. The company appears to have moved its remaining 11,886 BTC — then worth hundreds of millions — into recovery wallets by Dec. 31, 2020.

A notable detail in Arkham’s report is the presence of OP_RETURN messages — special transactions that allow data to be embedded in the Bitcoin blockchain — sent from LuBian to the hacker. According to Arkham, the mining pool spent 1.4 BTC across over 1,500 transactions attempting to contact the thief, urging them to return the stolen funds. This effort suggests the messages were genuine and originated from the rightful wallet owner.

Arkham believes the vulnerability may have stemmed from LuBian’s use of a flawed private key generation algorithm that left it susceptible to brute-force attacks. The stolen BTC has apparently remained largely dormant, with the last major movement being a wallet consolidation in July 2024.

Due to the price appreciation of bitcoin since 2020, the current value of the stolen assets is estimated to be $14.5 billion. That makes the wallet associated with the LuBian hacker the 13th largest BTC holder tracked by Arkham — surpassing the holdings linked to the Mt. Gox breach.

As of today, both the hacker and LuBian are believed to still control their respective BTC balances. Arkham has published wallet trackers for both parties, but no additional details about the identities involved have been disclosed.

Read Entire Article