A previously unannounced cryptocurrency heist has been reconfirmed as the largest in history, after blockchain intelligence firm Arkham reported that 127,000 BTC were stolen from the Chinese Bitcoin mining pool Lubian last December 2020.
The value of stolen money at the time was approximately $3.5 billion.
The hack, which remained hidden for more than four years, surpasses the $1.5 billion Bybit attack and reconstructs the narrative surrounding what was thought to be regulatory stress that drove Lubian to shut down unexpectedly in early 2021.
The pool was previously a top-10 global Bitcoin mining pool, commanding approximately 6% of the worldwide hash rate before vanishing suddenly.
Misattributed Shutdown Linked to Silent Mega Hack
When Lubian abruptly closed down in the first half of 2021, rumours centered on external pressures, most significantly the tightening crypto regulations in China and Iran, two of the regimes in which the pool had significant mining operations.
The closure was generally accepted then as a compliance retreat from Beijing’s crypto mining crackdown.
Arkham’s new analysis provides a very different explanation: a catastrophic internal security failure.
As per the report, the hack probably came from compromised or poorly created private keys, which allowed the hacker to drain nearly the entire Bitcoin reserve of the mining pool without detection, at least in the short run.
Also Read: Arcadia Finance Suffers Major Crypto Hack Resulting in a Loss of $2.5 Million
Lubian’s Desperate Recovery Efforts and Complete Silence
Despite the significant loss, Lubian never made the hack public and kept quiet in subsequent years.
In a move that brought the blockchain “behind the scenes,” Lubian sent more than 1,500 small Bitcoin transactions to multiple wallets containing embedded “requests” that the stolen coins be returned, essentially using the blockchain to communicate with the thief.
The company also sent its remaining 11,880 BTC to recovery-specified wallets to protect any remaining funds.
Notably, the stolen Bitcoin has not been laundered or exchanged since it was stolen, with only a 2024 wallet consolidation to contribute to the mystery of the attacker’s intent and identity.
Also Read: Arbitrum-Based GMX Suffers Major $42 Million Crypto Hack: What Happened?
Transparency and Security in Crypto Infrastructure in Doubt
Arkham’s analysis raises serious questions over the openness of the security infrastructure of the major crypto institutions and the transparency shortcomings that have long shrouded the sector.
That it would take over four years for such a colossal hack to go unreported suggests an enormous breakdown of accountability in the centralized crypto business.
The breach is one of a growing number that illustrate the urgent need for more stringent standards and regulations, especially for infrastructure actors working with billions of dollars’ worth of digital assets.
In Lubian’s case, the failure to disclose not only damaged trust but also deprived the crypto world of useful information regarding the vulnerabilities being targeted.
Also Read: Fuzzland Reveals Former Employee Was Responsible for the $2 Million Bedrock UniBTC Crypto Hack
Crypto Hacks Continue to Pile Up, Suggesting a Larger Industry Problem
The Lubian hack comes in the wake of a very hectic month for cryptocurrency-related cyberattacks.
In July 2025, $142 million was stolen through various crypto hacks, a 27% increase from June’s $111.6 million.
Also notable was the case of CoinDCX, $44.2 million was hacked due to social engineering attacks, further showing the sophistication of recent hacks.
Despite minor recoveries of money by platforms like GMX, the persistence of mass exposure on both decentralized finance (DeFi) and centralized finance (CeFi) platforms shows that the sector remains extensively exposed.
The Lubian case serves as a chilling reminder of how far down the issues can go and for how long their effects remain dormant.
Also Read: Venus Protocol on BNB Chain Faces $2 Million Crypto Hack