Arkham has discovered the largest cryptocurrency theft in history, with a loss of 3.5 billion dollars from a Chinese Bitcoin Mining Pool.

The blockchain analysis platform Arkham Intelligence recently claimed to have traced the discovery that the Chinese Bitcoin mining pool LuBian was hacked at the end of 2020, resulting in losses of up to 3.5 billion USD, which could be the largest cryptocurrency theft case in history. This incident has not been widely reported, and neither the mining pool nor the alleged perpetrators have made any public statements regarding this intrusion, making this silent breach even more mysterious.

A far-reaching silent breakthrough: LuBian Mining Pool hacked

Arkham revealed in a detailed post shared on X on August 2 that in December 2020, LuBian was hacked for 127,426 BTC, worth approximately $3.5 billion at the time. This cyber attack has not been reported until now, and neither the mining pool nor the alleged perpetrators have made any public statements regarding this intrusion.

LuBian is a mining pool operator established in May 2020, which was attacked by hackers on December 28, 2020, losing 127,426 Bitcoins. According to Arkham's data, this amounts to approximately 14.5 billion USD at current market prices. The mining pool salvaged 11,886 BTC by transferring funds to different addresses, which are still held by the mining pool to this day.

If Arkham's investigation results are confirmed, the scale of this loss will exceed the loss amounts from the Mt. Gox and Bitfinex hacking incidents. Arkham's data shows that on December 28, 2020, LuBian lost over 90% of its Bitcoin holdings in an attack. Two days later, another $6 million worth of Bitcoin and USDT was stolen from a wallet associated with the Bitcoin Omni protocol. According to reports, as of December 31, LuBian had transferred the remaining 11,886 Bitcoins to a separate recovery wallet in an attempt to preserve the remaining funds.

Hacker Techniques and Blockchain Clues: Brute Force and OP_RETURN Messages

The blockchain intelligence platform stated that the recent hacker attack is suspected to have occurred through brute force cracking, leaking unsafe private keys generated by the algorithm. Arkham indicated that this data breach may originate from a vulnerability in the LuBian key generation algorithm, which could lead to private keys being subjected to brute force attacks. Although the specific nature of the vulnerability is still unclear, Arkham's evidence points to severe flaws in the wallet security measures.

A notable aspect of the Arkham report is its focus on OP_RETURN messages found in the Bitcoin blockchain—transactions that allow the embedding of metadata. The analysis found that LuBian spent 1.4 BTC in over 1500 small transactions attempting to contact the hacker, pleading for the return of stolen assets. Arkham believes this strongly indicates that these messages are legitimate and sent by the rightful owner of the wallet.

It is noteworthy that since the incident occurred, the stolen BTC has basically remained idle. The last significant movement observed was a wallet consolidation in July 2024, suggesting that the attackers may still be holding these funds.

Conclusion

Arkham Intelligence's investigation into the LuBian Mining Pool hacking incident has revealed the largest theft in the history of crypto assets. This incident not only highlights the importance of private key security but also reaffirms the powerful ability of Blockchain analysis in tracking the flow of funds. Although the stolen funds have yet to be recovered, this incident serves as a wake-up call for crypto asset security, reminding all participants to remain vigilant against potential risks.