LuBian

The largest cryptocurrency hack ever recorded involved the theft of 127,426 BTC from Chinese mining pool LuBian in December 2020. The stolen Bitcoin was worth approximately $3.5 billion at the time and has since appreciated to an estimated $14.5 billion. The attackers exploited a weakness in LuBian’s private key generation algorithm, making their wallets susceptible to brute-force attacks. Despite LuBian's attempts to recover the funds, the hacker retains all stolen assets, ranking as the 13th largest Bitcoin holder. The incident highlights critical security vulnerabilities in cryptographic key management and wallet infrastructure.

Source: https://cybersecuritynews.com/bitcoin-hack-valued-3-5-billion/

TPRM report: https://www.rankiteo.com/company/dlnewsinfo

"id": "dln221080925",
"linkid": "dlnewsinfo",
"type": "Cyber Attack",
"date": "12/2020",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"

{'affected_entities': [{'industry': 'Cryptocurrency',
                        'location': 'China',
                        'name': 'LuBian',
                        'size': "One of the world's largest mining operations",
                        'type': 'Cryptocurrency Mining Pool'}],
 'attack_vector': 'Brute-force attack on wallets due to weak private key '
                  'algorithm',
 'date_detected': '2020-12-28',
 'date_publicly_disclosed': '2025-08-02',
 'description': 'The largest cryptocurrency hack ever recorded involved the '
                'theft of 127,426 BTC from Chinese mining pool LuBian in '
                'December 2020. The stolen Bitcoin was worth approximately '
                '$3.5 billion at the time of the theft and has since '
                'appreciated to an estimated $14.5 billion at current market '
                'valuations.',
 'impact': {'brand_reputation_impact': 'Significant damage due to largest '
                                       'cryptocurrency hack',
            'financial_loss': '$3.5 billion (2020), $14.5 billion (current)',
            'operational_impact': 'Loss of nearly 90% of Bitcoin holdings',
            'systems_affected': 'Bitcoin wallets'},
 'initial_access_broker': {'entry_point': 'Weak private key algorithm',
                           'high_value_targets': 'Bitcoin wallets'},
 'investigation_status': 'Ongoing',
 'lessons_learned': 'The incident highlights the critical importance of robust '
                    'security protocols in cryptocurrency operations, '
                    'particularly around cryptographic key management and '
                    'wallet infrastructure security.',
 'motivation': 'Financial gain',
 'post_incident_analysis': {'corrective_actions': 'Rotated remaining funds to '
                                                  'recovery wallets',
                            'root_causes': 'Weak private key generation '
                                           'algorithm'},
 'references': [{'date_accessed': '2025-08-02',
                 'source': 'Arkham Intelligence',
                 'url': 'https://twitter.com/arkham/status/1820000000000000000'}],
 'response': {'containment_measures': 'Rotated remaining funds to recovery '
                                      'wallets',
              'incident_response_plan_activated': 'Yes',
              'recovery_measures': "Sent OP_RETURN messages to hacker's "
                                   'addresses pleading for return of funds'},
 'title': 'Largest Cryptocurrency Hack: Theft of 127,426 BTC from LuBian',
 'type': 'Cryptocurrency Theft',
 'vulnerability_exploited': 'Weak private key generation algorithm'}

LuBian

Ronald Reagan Washington National Airport: What to do after a data breach, according to identity theft experts

Telus Digital and Telus Corp.: Telus Digital investigates cyberattack on 'limited number' of its systems

Microsoft: Paubox Research on Email Security Identifies Top Security Risks in 2026