On-chain analysis uncovers that in December 2020, weak private key generation allowed hackers to drain over 90% of LuBian’s BTC, making the attacker one of the largest Bitcoin holders.
Blockchain analytics firm Arkham Intelligence revealed that in December 2020, the LuBian mining pool was hacked, resulting in the theft of 127,426 BTC—worth about $3.5 billion at the time and now approximately $14.5 billion. The breach, carried out over two days due to weak private key generation, included an additional $6 million theft from an associated Omni-layer address. Despite LuBian’s efforts, including sending over 1,500 OP_RETURN messages using 1.4 BTC to recover assets, the attacker retains the stolen funds, ranking even ahead of the 2011 Mt. Gox attacker.