CoinLaw

Bringing Crypto & Finance Closer to You

Subscribe To Our Newsletter

Crypto’s Biggest Heist: How LuBian Lost $14.5B Without a Trace

Updated on: August 4, 2025
As Featured In
FortuneYahoo! FinanceCoinDeskSeeking AlphaCoin Market Cap

A 2020 Bitcoin theft targeting China’s LuBian Mining Pool has resurfaced, with Arkham Intelligence uncovering what may be the largest crypto hack in history.

Key Takeaways

  • 1Arkham Intelligence uncovered a hidden 2020 hack involving 127,426 BTC stolen from LuBian Mining Pool.
  • 2The stolen Bitcoin, once worth $3.5 billion, is now valued at $14.5 billion.
  • 3The theft went unreported by both LuBian and the hacker until Arkham’s 2025 investigation.
  • 4Weak private key generation was likely the cause, with LuBian sending over 1,500 blockchain messages to the hacker pleading for the funds’ return.

What Happened?

In an explosive revelation, blockchain analytics firm Arkham Intelligence has uncovered a long-hidden heist that siphoned off 127,426 BTC from LuBian Mining Pool in December 2020. Valued at $3.5 billion at the time and now worth $14.5 billion, this is now believed to be the largest crypto theft in history by dollar value.

Arkham’s findings show the mining pool never disclosed the breach, and the hacker has kept most of the stolen BTC untouched for nearly five years.

LuBian’s Sudden Rise and Mysterious Disappearance

LuBian emerged in April 2020 and quickly became one of the top six Bitcoin mining pools globally, controlling nearly 6% of the Bitcoin network’s hash rate by mid-year. It promoted itself as the “safest high yielding mining pool in the world”, yet by February 2021, it vanished from the public eye.

According to Arkham, the breach began on December 28, 2020, when more than 90% of LuBian’s Bitcoin holdings were drained. A follow-up theft occurred two days later, involving $6 million in BTC and USDT linked to another LuBian-controlled address. LuBian was able to salvage 11,886 BTC, worth hundreds of millions, by transferring it to recovery wallets by the end of the year.

The Vulnerability: A Flawed Key Generator

Arkham’s analysis attributes the breach to a flawed algorithm used by LuBian for private key generation. This left the pool vulnerable to brute-force attacks, a critical weakness in an industry where secure key storage is paramount.

The stolen funds were not immediately moved or laundered. Instead, the BTC was left largely dormant, with only a wallet consolidation in July 2024 showing any activity. This inactivity may have contributed to the hack staying under the radar for so long.

Newsletter Img
Don't chase the news. Let us curate it.

You get one weekly briefing with only the stories that matter. If the market is quiet, we skip it.

OP_RETURN Messages: A Digital Cry for Help

In a desperate attempt to recover the stolen Bitcoin, LuBian spent 1.4 BTC sending 1,516 OP_RETURN messages, a Bitcoin feature that allows data to be embedded in transactions to the hacker’s wallet addresses. These messages urged the thief to return the funds and even offered a reward, underscoring the authenticity of the pleas.

However, no response was ever received, and the stolen Bitcoin remains in limbo.

A Record-Breaking Theft

With the rise in Bitcoin’s price, the hacker’s wallet now ranks as the 13th largest BTC holder tracked by Arkham. This surpasses other infamous incidents, including the Mt. Gox and Bitfinex hacks in terms of present-day value.

For comparison:

  • ByBit’s $1.5 billion hack in 2025 was previously seen as the largest.
  • In April 2025, an elderly individual lost $330 million in a social engineering scam involving 300 wallet addresses.

Yet neither case approaches the scale of the LuBian theft.

CoinLaw’s Takeaway

I find it almost unbelievable that a $3.5 billion hack went completely unnoticed for five years. This isn’t just a story about a mining pool getting hacked. It’s a case study in how poor security and a lack of transparency can lead to staggering losses. The fact that LuBian was quietly pleading for the return of funds using blockchain messages shows how helpless they were. And that these funds are still sitting untouched is chilling. If anything, this should be a wake-up call to anyone storing large amounts of crypto: do not compromise on key security, and never assume silence means safety.

Add CoinLaw as a Preferred Source on Google for instant updates! Follow on Google News
Kathleen Kinder

Kathleen Kinder

Senior Editor

Kathleen Kinder brings over 11 years of experience in the research industry, with deep expertise in finance, cryptocurrency, and insurance. At CoinLaw, she writes timely, reader-focused news articles and also serves as a senior editorial reviewer. Drawing on her background in B2B research, consumer insights, and executive interviews, she ensures every piece delivers clarity, accuracy, and real-world relevance.

Disclaimer: The content published on CoinLaw is intended solely for informational and educational purposes. It does not constitute financial, legal, or investment advice, nor does it reflect the views or recommendations of CoinLaw regarding the buying, selling, or holding of any assets. All investments carry risk, and you should conduct your own research or consult with a qualified advisor before making any financial decisions. You use the information on this website entirely at your own risk.

Related Posts

Reader Interactions

Leave a Comment

Company
Discover
Categories
Cryptocurrency
Payments
Finance
Banking
Insurance
Categories
Cryptocurrency
Investments
Compliance
Fintech
Finance