Shocking LuBian Bitcoin Hack: How $3.5B Vanished in Crypto’s Biggest Heist

A dormant Chinese mining pool's catastrophic security flaw led to the largest crypto theft in history, now worth $14.5B

Author Image
Posted by Alan Rada
4 min read Update:
a hacker in a hoodie sitting at a laptop. LuBian Bitcoin Hack: How $3.5B Vanished in Crypto's Biggest Heist

Share this crypto insight on your favorite social media platform

Key Takeaways

  • LuBian Bitcoin Hack: $3.5B stolen in 2020, but Arkham Intelligence exposed 127,426 BTC drained from LuBian, now valued at $14.5B.
  • Brute-force attack: Hackers exploited LuBian’s weak private key generation at one of 2020’s top mining pools (6% of Bitcoin’s hash rate at that time).
  • Silent appeal: LuBian spent 1.4 BTC on 1,516 blockchain messages, like begging for funds’ return, in vain
  • Global wake-up reminder: The heist highlights a systemic risk in crypto custody, surpassing even the Mt. Gox hack, in dollar terms.

LuBian Bitcoin Hack: The Heist That Time Forgot

In December 2020, with the world battling COVID-19, hackers pulled off one of the audacious robberies in crypto history without anyone knowing. Targeting one of Bitcoin’s largest mining pools. In China’s LuBian Bitcoin Hack (the firm used to control 6% of Bitcoin’s hashrate at that time), hackers seemed to have used a brute-force attack to penetrate the crypto wallets of the LuBian mining pool.

Arkham Intel investigation X threat.

From this attack, hackers stole 127,426 BTC, valued at approximately $3.5 billion back in those days. The LuBian Bitcoin hack went undiscovered for nearly five years until Arkham Intelligence publicly reported the theft this week using a new forensic chain analysis tool.

The LuBian Bitcoin Hack timeline could be a Hollywood thriller:

  • Dec 28, 2020: LuBian loses 90% of its BTC
  • Dec 29: Additional $6 million in BTC/USDT stolen via Bitcoin’s Omni layer
  • Dec 31: LuBian moves the remaining 11,886 BTC ($1.35 billion today) into “safer” wallets
  • 2021: LuBian mysteriously ceases operations
  • July 2024: Hackers consolidate funds but leave them unmoved since.
LuBian Bitcoin Hack: A dormant Chinese mining pool's catastrophic security flaw led to the largest crypto theft in history, now worth $14.5B
The hack is $14.5B worth today’s money. Source: Arkham Intelligence.

LuBian had sent 1,516 blockchain messages to the exit scammer, which were desperate attempts to communicate with the thief, revealing that by the time this theft occurred, it was unbelievably reckless, and they had security holes the size of a truck to hack at the time. Their security was a sieve.

LuBian Bitcoin Hack: A dormant Chinese mining pool's catastrophic security flaw led to the largest crypto theft in history, now worth $14.5B
Some of the messages LuBain sent to contact the hacker. Source: Arkham Intelligence.

Why This Still Matters

  • 13th Largest BTC Whale: The hacker’s stash is now on par with nation-state Bitcoin holdings; if dumped, it could crush the markets.
  • Custody Crisis: Mining pools continue to be vulnerable as they focus on hash power instead of security. Hacken reported $3.1B hacked in the first half of 2025, with hacks to decentralized finance (DeFi), smart contract vulnerabilities, and social engineering increasing.
LuBian Bitcoin Hack: A dormant Chinese mining pool's catastrophic security flaw led to the largest crypto theft in history, now worth $14.5B
Defi losses and Smart Contract vulnerabilities, according to The Hacken 2025 Half-Year Web3 Security Report
LuBian Bitcoin Hack: A dormant Chinese mining pool's catastrophic security flaw led to the largest crypto theft in history, now worth $14.5B
2025 total crypto losses. Source:  The Hacken 2025 Half-Year Web3 Security Report

Historical Perspective

  • Mt. Gox (2014): 850,000 BTC stolen (originally worth $450M; now, $60B).
  • Bybit (2025): $1.5B drained by compromised Amazon Web Services (AWS) tokens.
  • Coincheck (2018): $530M in NEM tokens hacked.

Whose Accountable?

  • LuBian: Since 2021, it’s been mute, and its Iranian-linked operations raise geopolitical questions.
  • Regulators: China’s mining ban in 2021 may have hidden the theft’s discovery.
  • Crypto Industry: This should be a wake-up call for multi-sig and multi-party computation (MPC) wallets.

But since the hacker’s identity is still unknown, recovery is unlikely, so that BTC is either indefinitely lost (forever), or waiting to nuke the market.

Trust, but Verify

The LuBian Bitcoin hack isn’t some long-ago footnote in Bitcoin’s growth; believe it or not, it’s a live grenade still within Bitcoin’s ecosystem. Unlike exchanges that now have legally accountable storage custodians and the use of cold storage strategies, many of their mining pools still take a risky position. Until we raise the sense of importance of security as a non-negotiable, you may expect the next mega hack to be wrought only by brute-force hacking practices.

Final Thought: Will the hacker’s $14.5 billion stash ever move? And if it does, will anyone be ready?” The clock is ticking.

For more crypto hack stories, read: Fake AI Startups Drain Crypto Wallets in Sophisticated Social Engineering Scam

Disclaimer

All content provided on Times Crypto is for informational purposes only and does not constitute financial or trading advice. Trading and investing involve risk and may result in financial loss. We strongly recommend consulting a licensed financial advisor before making any investment decisions.

Author Image
Posted by Alan Rada Editor at Times Crypto

A Content and Community Management specialist with a knack for turning complex ideas into engaging stories. With a solid IT background, Alan has led teams to create and refine impactful projects across industries. He’s passionate about Web3, Health, Science, Finance, and Sports/Fitness, bringing a unique blend of technical expertise and creative flair to every piece he writes. When he’s not crafting content, you’ll find him diving deep into research or just having some fun!

Read Next