Arkham Exposes LuBian Attack, the Biggest Bitcoin Theft in History

LuBian Attack: The $14.5 Billion Bitcoin Heist That Went Undetected for Years

In a revelation that has sent shockwaves across the global cryptocurrency community, blockchain intelligence platform Arkham has uncovered one of the largest and longest-hidden digital asset thefts in history. Dubbed the "LuBian Attack," the incident centers on the theft of 127,426 Bitcoins from a major Chinese Bitcoin mining pool back in December 2020. At the time of the theft, the stolen Bitcoin was worth approximately $3.5 billion. Fast forward to 2025, and the value of the compromised assets now exceeds a staggering $14.5 billion.

Source: X

What makes this case especially extraordinary is not only the sheer size of the stolen amount but also the fact that the breach remained hidden for nearly four years. Neither the mining pool nor the hacker disclosed the attack, allowing it to go unreported until Arkham’s recent investigation brought the crime to light.

Timeline of a Historic Heist

According to Arkham’s detailed timeline, the attack began on December 28, 2020. On that day, cybercriminals successfully infiltrated the mining pool's storage infrastructure, gaining control over 90% of its Bitcoin holdings. Just one day later, on December 29, the hackers struck again—this time targeting a wallet operating on the Bitcoin Omni layer. An additional $6 million in BTC and USDT was siphoned off in this second wave.

Then, on December 31, 2020, the mining pool began emergency actions to protect what was left. A total of 11,886 digital assets were moved into more secure wallets as part of their recovery plan. Today, that remaining amount is worth over $1.35 billion.

A Quiet Response: Secret Messages to the Hacker

In a highly unusual move, the affected mining pool opted not to disclose the breach to the public or regulatory bodies. Instead, they took a quiet and desperate approach—communicating directly with the attacker. Records show that between 2021 and 2024, the pool sent a total of 1,516 OP_RETURN messages to wallets holding the stolen Bitcoin.

These on-chain messages pleaded for the return of the stolen funds, an act that cost approximately 1.4 BTC to execute. The content of the messages has not been released in full, but the intent was clear: a direct appeal to the hacker’s conscience.

This decision to remain silent and communicate covertly with the attacker has sparked controversy. Critics argue that such behavior undermines trust in the cryptocurrency ecosystem and highlights a glaring lack of transparency in handling security incidents.

Anatomy of the Attack: Flawed Key Generation

Arkham’s analysis identifies a critical vulnerability in the private key generation protocol used by the mining pool. Specifically, the pool relied on a weak algorithm that produced easily predictable private keys. This opened the door for a brute-force attack—a method where hackers attempt thousands or millions of combinations to guess the correct key.

By exploiting this weak security architecture, hackers gained full access to the wallets and their contents. Arkham’s findings illustrate that even large-scale, professional mining operations are not immune to fundamental security oversights.

“The LuBian Attack is a stark reminder that operational security must be a top priority,” said an Arkham spokesperson. “Even the largest players in the industry are vulnerable if they fail to implement robust cryptographic practices.”

The Aftermath: Who Holds the Stolen Bitcoin?

As of July 2024, the stolen funds have not been moved or liquidated. Instead, the hacker consolidated the holdings into a series of new wallets, which remain under close watch by blockchain analysts.

Arkham reports that the wallets now associated with the LuBian attacker collectively make the individual or group the 13th largest holder of Bitcoin globally. This unprecedented ranking has further fueled interest in the case, as many wonder whether law enforcement or international agencies will attempt to recover the stolen assets.

Despite the staggering value of the theft, no arrests have been made, and no formal investigation had been publicized prior to Arkham’s report.

A Cautionary Tale for the Crypto Sector

The LuBian Attack has already begun reshaping conversations around security in the digital asset space. Experts say the incident highlights the urgent need for more rigorous cybersecurity standards across the industry—especially among mining pools and exchanges.

“It’s not enough to be fast or profitable in this space,” said Maya Linton, a cybersecurity researcher at CryptoShield. “If you’re not secure, you’re a target. And you may not even know you’ve been hit until years later.”

Industry leaders are now calling for mandatory security audits, real-time threat detection systems, and public transparency when breaches occur. There’s also increasing pressure on regulators to implement tighter compliance rules to prevent such incidents from happening in the future.

Why It Matters: A Turning Point in Bitcoin History

While previous high-profile hacks, such as the Mt. Gox breach in 2014 or the ByBit attack, made headlines and prompted sweeping changes, the LuBian Attack may go down as the most significant theft in Bitcoin history. It not only surpasses all previous records in terms of monetary value but also raises serious concerns about the way cyberattacks are handled—or not handled—by major players in the crypto world.

“This is a wake-up call,” said Jackson Wu, a blockchain security analyst based in Singapore. “Not just for miners, but for every institution holding digital assets. If one of the largest mining pools in the world can be compromised and remain silent for four years, we have a serious accountability problem.”

Looking Ahead: What Comes Next?

The uncovering of the LuBian Attack has opened the door to further investigations. Questions remain about who was behind the attack, why the mining pool stayed silent, and whether law enforcement agencies will intervene now that the breach has been publicly exposed.

For now, Arkham’s findings stand as a landmark investigation—one that not only illuminates a dark chapter in Bitcoin’s history but also serves as a powerful reminder of the importance of vigilance, transparency, and innovation in the fast-moving world of digital finance.

Writer @Ellena

Ellena is an experienced crypto writer who loves to explore the intersection of blockchain technology and financial markets. She regularly provides insights into the latest trends and innovations in the digital currency space.

 

 Check out other news and articles on Google News

Disclaimer:

The articles published on hokanews are intended to provide up-to-date information on various topics, including cryptocurrency and technology news. The content on our site is not intended as an invitation to buy, sell, or invest in any assets. We encourage readers to conduct their own research and evaluation before making any investment or financial decisions.

hokanews is not responsible for any losses or damages that may arise from the use of information provided on this site. Investment decisions should be based on thorough research and advice from qualified financial advisors. Information on HokaNews may change without notice, and we do not guarantee the accuracy or completeness of the content published.