TL;DR
- Arkham’s probe decodes a discreet $3.5 billion heist of 127,426 BTC from Chinese mining pool LuBian back in December 2020. That stash now equates to approximately $14.5 billion, marking the largest Bitcoin hack ever uncovered.
- Attackers exploited vulnerabilities in LuBian’s key management system, draining over 90 percent of its BTC reserves. On-chain forensics unearthed negotiation pleas embedded in transaction metadata, hinting at ongoing bounty discussions.
- The breach underscores persistent risks in digital asset custody as cryptocurrency values soar. Regulators, insurers, and industry players face intensified pressure to bolster security and key-generation protocols.
Blockchain analytics firm Arkham says it has unearthed the largest Bitcoin hack in history, tracing the theft of 127,426 BTC from Chinese mining pool LuBian in December 2020. Valued at roughly $3.5 billion at the time, the stolen coins now equal $14.5 billion. Arkham’s on-chain investigation opens fresh concerns over custody practices in the crypto sector.
BREAKING: ARKHAM UNCOVERS $3.5B HEIST – THE LARGEST EVER
LuBian was a Chinese mining pool with facilities in China & Iran. Based on analysis of on-chain data, it appears that 127,426 BTC was stolen from LuBian in December 2020, worth $3.5 billion at the time and now worth… pic.twitter.com/PnIOKgMt0i
— Arkham (@arkham) August 2, 2025
Arkham’s Groundbreaking Discovery
Arkham used its de-anonymization tools to trace a trail of transactions from LuBian’s wallets. Its analysis revealed a coordinated attack on December 28, 2020, that drained over 90% of the pool’s BTC reserves. A subsequent breach siphoned roughly $6 million more in BTC and USDT via the Omni layer. The remaining funds were then moved into recovery wallets.
Anatomy of the Heist
LuBian was among the top five mining pools globally in 2020, controlling almost six percent of the network’s total hash rate. The breach made little public noise at the time, as the company never disclosed the hack. Arkham’s findings suggest the attackers leveraged a previously unknown vulnerability in LuBian’s key management system to execute the theft unnoticed.
The timing of the outflows was conspicuous, with the bulk of funds moved during a narrow window of high network activity.
Vulnerable Keys and On-Chain Messages
Further on-chain forensics uncovered messages exchanged between LuBian and the hackers, offering a reward for whitehats who would return the stolen funds. A request made through transaction metadata encouraged the hackers to discuss a reward at a specified email address.
Arkham also identified flaws in LuBian’s key generation algorithm that may have allowed brute-force or pattern-based exploits to reveal private keys.
Implications for Bitcoin Security
This revelation serves as a stark reminder that custody remains a critical weak point in crypto infrastructure. As the value of digital assets climbs, exchanges and mining operations must reassess their security protocols and key management strategies. The fact that the stolen BTC have remained largely untouched since July 2024 hints at caution or ongoing negotiations.
For the broader Bitcoin community, Arkham’s exposé underscores the importance of vigilance and continuous improvement in safeguarding digital wealth. Regulators and insurers will likely scrutinize key management practices following this unprecedented major breach.