Arkham links 2020 LuBian breach to the biggest Bitcoin theft on record
A five-year-old security failure at the LuBian Bitcoin mining pool has been identified as the largest cryptocurrency theft by value. Blockchain analytics firm Arkham says more than 127,000 BTC was drained from LuBian in late 2020, worth about 3.5 billion US dollars at the time and about 14.5 billion US dollars at today’s prices. The incident went unreported until Arkham’s analysis surfaced this month.
The loss eclipses past headline hacks when measured in dollars. Mt. Gox lost more coins in the early 2010s, but Bitcoin’s price was far lower, which kept the nominal loss smaller than LuBian’s 2020 hit. If Arkham’s findings are confirmed, the LuBian case sets a new high-water mark for crypto thefts by value.
Arkham attributes the breach to weak private key generation. LuBian’s system reportedly relied on only 32 bits of entropy, which would make brute-forcing viable with modest hardware. That design choice would be far below accepted cryptographic standards and helps explain how the attacker accessed thousands of wallets without triggering alarms.
Investigators say more than 5,000 wallets tied to LuBian were compromised, allowing the attacker to siphon almost all of the pool’s holdings. The mining pool disappeared from the network in 2021, only a few months after the theft. LuBian had promoted itself as a safe, high-yield pool, a claim now overshadowed by its collapse.
Most of the stolen coins have remained dormant. There have been no public signs of large-scale laundering or spending since the breach. Authorities have since arrested a suspect, although details remain limited.
Security practitioners say the episode underscores basic lessons for crypto infrastructure. Entropy sources must be robust. Private keys must be generated and stored with audited methods. Operators should monitor balances and withdrawals in real time, and combine that monitoring with layered access controls and incident response plans. The LuBian breach shows how a single weak link can expose billions, even at organisations that appear sophisticated from the outside.
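The 32 bits of entropy reported above, and the advice that entropy sources must be robust, as an added example (not Arkham's or LuBian's code): a constructed model of a low-entropy key generator beside an operating-system CSPRNG, with a duplicate-key audit check. The article does not say how LuBian derived its keys; the SHA-256 stretching, the 16-bit demo width and the rate of one million keys per second are assumptions.

```python
import hashlib
import random
import secrets

def weak_privkey(seed: int, bits: int = 32) -> bytes:
    """Constructed model of the flaw: a 256-bit key stretched from a `bits`-bit seed."""
    seed &= (1 << bits) - 1                      # only `bits` bits ever matter
    return hashlib.sha256(seed.to_bytes(8, "big")).digest()

def strong_privkey() -> bytes:
    """256 bits taken directly from the operating system CSPRNG."""
    return secrets.token_bytes(32)

def expected_duplicates(samples: int, bits: int) -> float:
    """Birthday estimate of repeated keys among `samples` draws from 2**bits values."""
    return samples * (samples - 1) / 2 / 2**bits

def count_duplicates(generate, samples: int) -> int:
    """Audit check: draw `samples` keys and count how many repeat an earlier one."""
    seen, dupes = set(), 0
    for _ in range(samples):
        key = generate()
        dupes += key in seen
        seen.add(key)
    return dupes

def hours_to_exhaust(bits: int, keys_per_second: float) -> float:
    """Time to walk the whole key space at an assumed derivation rate."""
    return 2**bits / keys_per_second / 3600

def audit_demo(bits: int = 16, samples: int = 2000) -> dict:
    """Run the duplicate check on both generators (reduced width so it runs fast)."""
    rng = random.Random(2020)                    # fixed seed: repeatable demo only
    weak = lambda: weak_privkey(rng.getrandbits(bits), bits)
    return {
        "weak_dupes": count_duplicates(weak, samples),
        "strong_dupes": count_duplicates(strong_privkey, samples),
        "expected_weak": expected_duplicates(samples, bits),
    }

if __name__ == "__main__":
    print(audit_demo())
    print("expected duplicates, 5,000 keys at 32 bits:", expected_duplicates(5000, 32))
    print("hours to cover 2**32 keys at 1e6/s:", hours_to_exhaust(32, 1e6))
    print("hours to cover 2**256 keys at 1e6/s:", hours_to_exhaust(256, 1e6))
```

At the article's scale of about 5,000 wallets, a 32-bit generator is expected to produce far fewer than one duplicate key, so a clean duplicate check does not show that the entropy is adequate; the seed source itself has to be reviewed.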
