China’s National Computer Virus Emergency Response Center has published a blistering technical dossier alleging that the United States used state‑level hacking capabilities to seize roughly 127,000 bitcoins—about $15 billion at contemporary prices—connected to Chen Zhi, founder of the so‑called Prince Group. Beijing’s account does not merely frame the episode as conventional law enforcement: it argues that Washington exploited an implementation flaw in an open‑source wallet to break private keys, quietly transfer dormant funds to U.S.‑controlled addresses, and then formalise ownership through U.S. forfeiture proceedings.
The timeline assembled by Chinese authorities and cited in the report runs from a December 2020 intrusion on a LuBian mining pool wallet to a June 2024 transfer of the stolen coins into addresses later declared by U.S. prosecutors to be subject to forfeiture. The U.S. Eastern District of New York publicly announced criminal charges against Chen Zhi and a historic forfeiture of roughly 127,000 bitcoins—a record seizure by the Justice Department—while other jurisdictions, including the UK, Singapore and South Korea, moved to freeze related property and accounts.
The technical allegation centres on key generation. Chinese cybersecurity researchers contend that the Prince Group stored its holdings in a single wallet produced with a non‑true‑random number generator in open‑source software, creating an exploitable weakness. The centre’s November 2025 technical tracing report attributes the exploitation to a mature, nation‑level actor capable of bottom‑layer cryptographic attacks—language that Beijing interprets as pointing to U.S. capabilities rather than to conventional criminal hackers.
Chinese tech entrepreneurs and officials have been vocal. Zhou Hongyi, founder of security company 360, described the episode as an orchestrated ‘‘asset harvest’’ executed under the guise of anti‑fraud enforcement, contrasting it with China’s stated practice of pursuing criminal suspects through joint policing and returning proceeds to victims via judicial process. Beijing’s narrative emphasises that most alleged scam victims have not seen restitution and that U.S. actions amount to a new form of cross‑border property appropriation enabled by technological superiority.
For an international audience, the claims raise two distinct questions: the resilience of Bitcoin’s ecosystem against implementation flaws, and the legitimacy of state conduct in cyberspace when it overlaps with law enforcement. Bitcoin’s protocol has long been defended as secure, but most real‑world losses arise from software, wallet or operational mistakes; the debate here is whether an exploited implementation bug was used by a state actor and then retroactively legitimised by forfeiture law.
The episode also highlights practical vulnerabilities in custody practices. Concentrating large balances in a single wallet, reliance on unvetted open‑source components, and weak randomness in key generation are perennial risks in crypto operations. If the technical claims are correct, they underline why institutional actors increasingly demand hardware wallets, multi‑signature custody, audited deterministic key generation, and rigorous supply‑chain security.
Geopolitically, the case could harden attitudes on both sides. Accusations that one state weaponised technical know‑how to extract foreign assets will feed narratives of technological domination and justify accelerated moves toward digital sovereignty, tighter export controls, and divergence in cyber norms. It also complicates cross‑border law enforcement cooperation: mutual suspicion could make it harder to coordinate on tracing and returning proceeds of transnational fraud.
That said, important caveats remain. The Chinese report supplies technical attribution that Beijing finds persuasive, but independent, forensic confirmation accessible to neutral third parties is limited in the public record. The U.S. Department of Justice has framed its action as lawfully executed forfeiture in a criminal prosecution, and other jurisdictions have supported asset freezes. Readers should treat technical and legal assertions from competing governments as part of a broader contest over facts and norms in a highly politicised domain.