China Accuses U.S. of Engineering a $15bn Bitcoin “Asset Grab” in High‑Profile Seizure

Chinese cybersecurity authorities allege the United States used state‑level hacking to seize roughly 127,000 bitcoins linked to Chen Zhi, turning purportedly stolen coins into a U.S. digital reserve rather than returning funds to victims. The accusation highlights risks from implementation flaws in wallet software, the geopoliticisation of cyber capabilities, and growing tensions over cross‑border digital asset governance.


Key Takeaways

  • Chinese researchers claim about 127,000 BTC (~$15bn) linked to Chen Zhi were taken via an exploit of non‑true‑random key generation and transferred to U.S.‑controlled addresses.
  • The National Computer Virus Emergency Response Center traces the intrusion to December 2020 and alleges state‑level attackers exploited a LuBian mining pool cold wallet.
  • U.S. prosecutors publicly announced criminal charges and a historic forfeiture; China says the proceeds were not returned to scam victims but absorbed into a U.S. digital asset reserve.
  • Experts warn the episode underscores real‑world crypto risks from software implementation, custody concentration, and weak randomness in key generation.
  • The case risks deepening geopolitical mistrust and may accelerate moves toward digital sovereignty, hardened custody practices, and fractured cyber norms.

Strategic Analysis

If Beijing’s technical account is accurate, the episode represents a novel fusion of cyber‑operations and legal mechanisms: technical expropriation followed by judicial formalisation. That is distinct from conventional forfeiture stretching across borders and would mark an escalation in the use of offensive cyber capabilities for economic ends. Even if parts of the narrative are contested, the political consequences are real. Expect accelerated hardening of key‑management standards, greater regulatory scrutiny of custody and open‑source wallet components, and reciprocal measures aimed at preventing strategic surprises in the digital‑asset domain. For policymakers, the most urgent task is a multilateral framework for attribution, transparency and victim restitution—failure to create credible, independent verification mechanisms will leave room for tit‑for‑tat cyberconduct and further erosion of trust in cross‑border law enforcement.

China Daily Brief Editorial

China’s National Computer Virus Emergency Response Center has published a blistering technical dossier alleging that the United States used state‑level hacking capabilities to seize roughly 127,000 bitcoins—about $15 billion at contemporary prices—connected to Chen Zhi, founder of the so‑called Prince Group. Beijing’s account does not merely frame the episode as conventional law enforcement: it argues that Washington exploited an implementation flaw in an open‑source wallet to break private keys, quietly transfer dormant funds to U.S.‑controlled addresses, and then formalise ownership through U.S. forfeiture proceedings.

The timeline assembled by Chinese authorities and cited in the report runs from a December 2020 intrusion on a LuBian mining pool wallet to a June 2024 transfer of the stolen coins into addresses later declared by U.S. prosecutors to be subject to forfeiture. The U.S. Eastern District of New York publicly announced criminal charges against Chen Zhi and a historic forfeiture of roughly 127,000 bitcoins—a record seizure by the Justice Department—while other jurisdictions, including the UK, Singapore and South Korea, moved to freeze related property and accounts.

The technical allegation centres on key generation. Chinese cybersecurity researchers contend that the Prince Group stored its holdings in a single wallet produced with a non‑true‑random number generator in open‑source software, creating an exploitable weakness. The centre’s November 2025 technical tracing report attributes the exploitation to a mature, nation‑level actor capable of bottom‑layer cryptographic attacks—language that Beijing interprets as pointing to U.S. capabilities rather than to conventional criminal hackers.

Chinese tech entrepreneurs and officials have been vocal. Zhou Hongyi, founder of security company 360, described the episode as an orchestrated “asset harvest” executed under the guise of anti‑fraud enforcement, contrasting it with China’s stated practice of pursuing criminal suspects through joint policing and returning proceeds to victims via judicial process. Beijing’s narrative emphasises that most alleged scam victims have not seen restitution and that U.S. actions amount to a new form of cross‑border property appropriation enabled by technological superiority.

For an international audience, the claims raise two distinct questions: the resilience of Bitcoin’s ecosystem against implementation flaws, and the legitimacy of state conduct in cyberspace when it overlaps with law enforcement. Bitcoin’s protocol has long been defended as secure, but most real‑world losses arise from software, wallet or operational mistakes; the debate here is whether an exploited implementation bug was used by a state actor and then retroactively legitimised by forfeiture law.

The episode also highlights practical vulnerabilities in custody practices. Concentrating large balances in a single wallet, reliance on unvetted open‑source components, and weak randomness in key generation are perennial risks in crypto operations. If the technical claims are correct, they underline why institutional actors increasingly demand hardware wallets, multi‑signature custody, audited deterministic key generation, and rigorous supply‑chain security.
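To make the weak‑randomness risk concrete, the following added example (not code from the Chinese report or from any wallet named in it) contrasts a key generator whose output depends entirely on a small seed with one that draws from the operating system's CSPRNG. The seed width used here is a constructed assumption; the article does not state how much entropy the affected wallet actually used.

```python
import random
import secrets

# secp256k1 group order: a valid Bitcoin private key is an integer in [1, N-1].
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def weak_private_key(seed: int) -> int:
    """WEAK: the key is 256 bits long, but every bit is a function of `seed`."""
    rng = random.Random(seed)  # Mersenne Twister: deterministic, not a CSPRNG
    while True:
        k = rng.getrandbits(256)
        if 1 <= k < SECP256K1_N:
            return k


def strong_private_key() -> int:
    """HARDENED: 32 bytes from the OS CSPRNG, rejected if outside the valid range."""
    while True:
        k = int.from_bytes(secrets.token_bytes(32), "big")
        if 1 <= k < SECP256K1_N:
            return k


def weak_keygen_factory(seed_bits: int):
    """Hypothetical wallet that seeds its PRNG with only `seed_bits` of entropy."""
    def gen() -> int:
        return weak_private_key(secrets.randbits(seed_bits))
    return gen


def distinct_keys(keygen, draws: int) -> int:
    """Audit helper: how many different keys appear across `draws` generations."""
    return len({keygen() for _ in range(draws)})


if __name__ == "__main__":
    draws = 2000
    # Constructed scenario: 8 bits of seed entropy, so at most 256 possible keys.
    print("weak  :", distinct_keys(weak_keygen_factory(8), draws), "distinct keys")
    print("strong:", distinct_keys(strong_private_key, draws), "distinct keys")
```

The length of a key says nothing about its entropy: the weak generator can never produce more distinct keys than it has seeds, which is why key‑generation audits check the entropy source rather than the output format.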

Geopolitically, the case could harden attitudes on both sides. Accusations that one state weaponised technical know‑how to extract foreign assets will feed narratives of technological domination and justify accelerated moves toward digital sovereignty, tighter export controls, and divergence in cyber norms. It also complicates cross‑border law enforcement cooperation: mutual suspicion could make it harder to coordinate on tracing and returning proceeds of transnational fraud.

That said, important caveats remain. The Chinese report supplies technical attribution that Beijing finds persuasive, but independent, forensic confirmation accessible to neutral third parties is limited in the public record. The U.S. Department of Justice has framed its action as lawfully executed forfeiture in a criminal prosecution, and other jurisdictions have supported asset freezes. Readers should treat technical and legal assertions from competing governments as part of a broader contest over facts and norms in a highly politicised domain.
