BlockBeats News, October 17th, Crypto KOL @chaowxyz published an analysis on how Lubian’s 120,000 BTC was stolen. “Simply put, a Bitcoin private key is a string of 256 bits of 0s and 1s. Generating a private key is simple: toss a coin 256 times, record the results (0 for heads, 1 for tails), and that’s your private key. If two people get the same results when tossing the coin, they would have the same key. The latter person can then directly access the former person’s wallet. However, the likelihood of this ‘lucky break’ is almost zero. Due to the 2 to the power of 256 possibilities, which is greater than the total number of atoms in the universe, the chances of duplication are extremely low. The security of a private key does not come from luck but from mathematics. However, there is a prerequisite: it must be ‘truly random’.”
So how were the 120,000 BTC lost? The issue lies in the “random number generator” that the LuBian mining pool used to generate the private keys—the machine that was supposed to fairly toss the coin was faulty. Instead of selecting randomly from nearly infinite possibilities, it acted like a jammed machine, always choosing numbers in an extremely small, patterned range. Hackers discovered this malfunctioning pattern of the machine and effortlessly replicated all the possible generated private keys, emptying all corresponding wallets.”
