Analysis: Due to the regularity of the random number generator used by the LuBian mining pool to generate private keys, hackers discovered the fault pattern that led to the theft of 120,000 BTC

ChainCatcher message, encrypted KOL @chaowxyz analyzed how 120,000 BTC from Lubian was stolen. In simple terms, a Bitcoin private key is a combination of 256 bits of 0s and 1s. Generating a private key is easy: flip a coin 256 times, record the heads and tails, where heads is 0 and tails is 1, and that’s a private key. If two people get the exact same results, they will have the same key. The latter person can then directly access the former person's wallet. However, the probability of such "luck" is almost zero. Because the possibility of 2 to the power of 256 is greater than the total number of atoms in the universe. The chance of duplication is extremely low. The security of a private key does not come from luck, but from mathematics. But there is a premise behind this: it must be truly random.

So how were the 120,000 BTC lost? The problem lies in the random number generator used by the LuBian mining pool to generate private keys—the machine that was supposed to fairly flip coins was broken. It did not randomly select from nearly infinite possibilities but instead acted like a stuck machine, always picking numbers within a very small, patterned range. Hackers discovered the malfunctioning pattern of this machine and easily replicated the private keys it could generate, emptying all corresponding wallets.