Chinese cyber-security authorities have accused the United States of converting a 2020 state-level hack into a $15 billion windfall by seizing roughly 127,000 bitcoins tied to Chen Zhi, a founder of the Prince Group. A technical analysis published on a Chinese government-affiliated platform claims U.S. national hackers broke into the LuBian mining pool cold wallet and later saw those funds “legalized” through U.S. civil and criminal forfeiture procedures. Washington’s public account is simpler: U.S. prosecutors in New York announced last year they were charging Chen and seeking forfeiture of the asset haul as proceeds of transnational fraud and money‑laundering.
Chen Zhi is a high‑profile figure in Southeast Asia’s grey economy. Public records and state media detail a decade of business expansion in Cambodia under the Prince Group banner, spanning property, banking and telecoms, and state reporting accuses the group of running large-scale telecom fraud operations from multiple scam parks. Chinese authorities say they transferred Chen from Phnom Penh to China in January after bilateral law‑enforcement cooperation, while U.S. prosecutors in October issued an indictment and a parallel forfeiture claim for the bitcoin holdings.
The technical attribution at the heart of Beijing’s claim comes from a November 2025 analysis of the LuBian mining pool incident published by the National Computer Virus Emergency Response Center. That report, cited in the recent piece, alleges the attack exploited a low‑level cryptographic vulnerability and that the intrusion bears hallmarks of a nation‑level actor. The Chinese writeup frames the U.S. legal process that followed as a retroactive attempt to “legalize” the takings, turning a covert cyber operation into open, enforceable control over global crypto assets.
Beijing’s commentary places the Chen case in a broader pattern of U.S. enforcement actions between 2022 and 2025, saying Washington has seized more than $30 billion in virtual assets through a mix of civil forfeiture, criminal prosecutions and regulatory enforcement. It points to the high‑profile Binance settlement, in which the exchange agreed to pay tens of billions of dollars in penalties and disgorgement, as evidence of the United States’ ability to coerce global crypto platforms to accept U.S. regulatory terms.
The practical consequences of these high-value seizures are mixed. For victims of fraud, the seizure of frozen assets does not automatically translate into restitution; bureaucratic, legal and diplomatic hurdles often determine whether and how funds are returned. For jurisdictions and actors outside U.S. reach, the episodes highlight how extraterritorial law enforcement and technical surveillance can alter the custody and movement of digital assets without multilateral agreement.
Politically, the Chinese narrative casts U.S. action as part of a wider strategy of technological dominance and dollar preservation — a claim that will resonate domestically and with partners uneasy about U.S. extraterritoriality. Whether or not the technical attribution to U.S. state actors withstands independent scrutiny, the allegation itself escalates the stakes: it ties cyber operations, asset seizure and diplomatic friction into a single geopolitical contest over who governs digital value.
For the crypto industry and international regulators, the episode sharpens two dilemmas. First, custody models that rely on centralized exchanges and identifiable cold wallets are vulnerable both to criminal theft and to state action; second, unilateral enforcement without clear channels for victim compensation or multilateral oversight risks fragmenting the global market. Policymakers and firms will have to weigh stronger on‑shore custody and compliance against the economic costs of fragmentation and the political risk of aligning with particular legal regimes.
Looking ahead, the core questions are legal and technical as well as strategic: can independent forensic processes be established that command cross‑border credibility, and will states agree to rules that constrain the use of cyber tools to acquire or control foreign assets? Absent clear norms, the scramble to control digital reserves — whether for law enforcement, sanctions, or strategic accumulation — is likely to intensify, with consequences for victims, exchanges and the shape of global digital finance.