How 127,000 Bitcoins Were Stolen from LuBian Mining Pool — Without Breaking Bitcoin's Cryptography

How 127,000 Bitcoins Were Stolen from LuBian Mining Pool — Without Breaking Bitcoin’s Cryptography

The Biggest Crypto Heist You Never Heard Of

On December 29, 2020, over 127,000 bitcoins — worth roughly $3.5 billion at the time and ballooning to an estimated $14.5 billion by 2025 — quietly vanished from the LuBian mining pool. The breach went entirely undetected for nearly five years, only coming to light in August 2025 when blockchain analytics firm Arkham Intelligence uncovered the evidence. In scale, it eclipses every other crypto theft in history.

Yet throughout this entire episode, Bitcoin’s underlying cryptographic foundations — its elliptic curve digital signatures, its SHA-256 hashing, its peer-to-peer consensus protocol — remained completely unbroken. So how did the attackers walk away with such an extraordinary fortune?

The answer is both technically fascinating and deeply instructive for the entire industry.

What LuBian Was

LuBian was one of the largest bitcoin mining pools globally in 2020, reportedly controlling nearly 6% of Bitcoin’s total hash rate as of May that year. The pool had risen quickly in early 2020, becoming the sixth-largest mining pool while promoting itself as “the safest high-yielding mining pool in the world.” This self-proclaimed safety, as events would reveal, was catastrophically misplaced.

The operational model of the LuBian mining pool included centralized storage and distribution of mining rewards. The bitcoins in the pool addresses were not stored in regulated centralized exchanges but in non-custodial wallets. From a security standpoint, non-custodial wallets are supposed to be the gold standard — no third party can freeze them, and ownership is controlled entirely by whoever holds the private key. The problem was how LuBian managed those private keys.

The Attack Vector: Flawed Private Key Generation

Here is the crucial point: the attacker did not crack Bitcoin. They didn’t reverse SHA-256, didn’t solve the elliptic curve discrete logarithm problem, and didn’t exploit any weakness in Bitcoin’s protocol layer. Instead, they exploited something far more mundane and far more avoidable — bad randomness.

Arkham believes hackers exploited vulnerabilities in LuBian’s private key generation algorithm through brute-force attacks. The hacker reportedly compromised over 5,000 wallets, using the vulnerability to access and siphon nearly all of LuBian’s Bitcoin holdings.

To understand why this is so devastating, a brief explanation of Bitcoin key security is necessary.

How Bitcoin Private Keys Are Supposed to Work

A Bitcoin private key is a 256-bit number — essentially a random integer. The total number of possible private keys is astronomically large: roughly 2²⁵⁶, a number so vast it exceeds the estimated number of atoms in the observable universe. Picking a specific private key by brute force — trying them one by one — is, for all practical purposes, computationally impossible when the key is generated with proper randomness.

The security of your bitcoin, therefore, does not rest on the strength of the cryptography alone. It rests on the randomness used to generate your private key in the first place. If that randomness is weak, predictable, or reused, the enormous security margin of 2²⁵⁶ collapses dramatically.

What Went Wrong at LuBian

LuBian appears to have used a flawed or insufficiently seeded random number generator (RNG) when creating the private keys for its pool wallets. When an RNG is weak, the space of keys it actually produces is not 2²⁵⁶ — it may be only millions or billions of possibilities, a range that becomes trivially brute-forceable with modern computing power.

This is not an exotic attack. It is a well-documented class of vulnerability. In 2013, researchers found that millions of RSA and DSA cryptographic keys generated by devices with poor entropy were compromised for the same reason. The Android Bitcoin Wallet suffered a similar fate in 2013 when a flaw in Java’s SecureRandom implementation led to private key recovery and theft. LuBian, it appears, repeated this well-known mistake at an extraordinary scale.

Why Bitcoin’s Cryptography Was Irrelevant to the Attack

This distinction matters deeply: Bitcoin’s cryptography protects against one specific threat — the forgery of a transaction signature without knowing the private key. It does this brilliantly. Given a properly generated private key, no known attack can derive it from the public key or from observing transactions on the blockchain.

But Bitcoin’s cryptography provides zero protection if an attacker can independently generate or guess your private key through other means. The blockchain is indifferent to how a private key was obtained. Whoever holds the key controls the coins. Period.

This is why the LuBian hack succeeded so completely and silently. The attacker didn’t need to attack Bitcoin. They attacked LuBian’s software. Once they reconstructed the pool’s private keys — by exploiting the weak RNG — they had complete, legitimate-looking authority over those wallets. From Bitcoin’s perspective, every transaction was perfectly valid. There was nothing anomalous to detect at the protocol level.

The Eerie Silence That Followed

After the theft, the massive amount of bitcoins remained dormant in the attacker’s controlled bitcoin wallet address for a full four years, almost untouched. This unusual patience is one of the strangest aspects of the incident.

According to Arkham, the mining pool spent 1.4 BTC across over 1,500 transactions attempting to contact the thief, urging them to return the stolen funds. LuBian wrote messages such as “To the whitehat who is saving our asset, you can contact us… to discuss the return of asset and your reward.” No known response was ever received. The mining pool itself disappeared from the network in 2021, only a few months after the theft.

The four-year dormancy, combined with the scale and precision of the operation, led analysts to speculate that this was not the work of an opportunistic criminal but rather a highly organized, potentially state-level actor.

The U.S. Government Enters the Picture

On October 14, 2025, the U.S. Department of Justice announced criminal charges against Chen Zhi, chairman of Cambodia’s Prince Group, and stated that it had confiscated 127,000 bitcoins from Chen Zhi and his Prince Group. The relationship between Chen Zhi, LuBian, and the stolen coins — and the theory that a state actor may have conducted the original hack — remains a matter of ongoing investigation and disputed interpretation.

Lessons for the Entire Industry

The LuBian disaster encapsulates a lesson that security professionals have tried to communicate for years: the weakest link in any cryptographic system is almost never the mathematics. It is the implementation.

Bitcoin’s elliptic curve cryptography is sound. Its hash functions are sound. Its consensus mechanism has never been successfully attacked. But none of that matters if the code generating your private keys is broken. A mining pool that centralizes custody of enormous quantities of bitcoin becomes a single point of failure. If any component of its key management infrastructure is flawed — its RNG, its key storage, its operational security — the entire fortune is at risk.

Strong cryptography is a necessary condition for security. It is not a sufficient one.

Conclusion

The LuBian mining pool hack was the largest cryptocurrency theft in history by dollar value — achieved not by breaking Bitcoin, but by exploiting a mundane flaw in how Bitcoin keys were generated.

The protocol did exactly what it was designed to do. The failure was entirely human and infrastructural.

For the cryptocurrency industry, the case is a sobering reminder that the security promise of “your keys, your coins” cuts both ways: if your keys are weak, your coins are gone — and Bitcoin itself will never know the difference.

How 127,000 Bitcoins Were Stolen from LuBian Mining Pool — Without Breaking Bitcoin's Cryptography