Blockchain analytics firm Arkham says it has unearthed the largest Bitcoin hack in history, tracing the theft of 127,426 BTC from Chinese mining pool LuBian in December 2020. Valued at roughly $3.5 billion at the time, the stolen coins now equal $14.5 billion. Arkham’s on-chain investigation opens fresh concerns over custody practices in the crypto sector.
Arkham used its de-anonymization tools to trace a trail of transactions from LuBian’s wallets. Its analysis revealed a coordinated attack on December 28, 2020, that drained over 90% of the pool’s BTC reserves. A subsequent breach siphoned roughly $6 million more in BTC and USDT via the Omni layer. The remaining funds were then moved into recovery wallets.
LuBian was among the top five mining pools globally in 2020, controlling almost six percent of the network’s total hash rate. The breach made little public noise at the time, as the company never disclosed the hack. Arkham’s findings suggest the attackers leveraged a previously unknown vulnerability in LuBian’s key management system to execute the theft unnoticed.
The timing of the outflows was conspicuous, with the bulk of funds moved during a narrow window of high network activity.
Further on-chain forensics uncovered messages exchanged between LuBian and the hackers, offering a reward for whitehats who would return the stolen funds. A request made through transaction metadata encouraged the hackers to discuss a reward at a specified email address.
Arkham also identified flaws in LuBian’s key generation algorithm that may have allowed brute-force or pattern-based exploits to reveal private keys.
This revelation serves as a stark reminder that custody remains a critical weak point in crypto infrastructure. As the value of digital assets climbs, exchanges and mining operations must reassess their security protocols and key management strategies. The fact that the stolen BTC have remained largely untouched since July 2024 hints at caution or ongoing negotiations.
For the broader Bitcoin community, Arkham’s exposé underscores the importance of vigilance and continuous improvement in safeguarding digital wealth. Regulators and insurers will likely scrutinize key management practices following this unprecedented major breach.
