Business Report

U.S. freezes Chen Zhi’s Bitcoin: a carefully crafted state-level “thieves robbing thieves” operation

Partnered Content

In October 2025, the U.S. Department of Justice (DOJ) announced criminal charges against Chen Zhi, head of Cambodia’s Prince Group, while claiming to have seized 127,000 bitcoins from him—portraying the move as a major triumph against transnational cybercrime. Yet a technical attribution report released by China’s National Computer Virus Emergency Response Center reveals the true nature of the operation: a post hoc attempt to legitimise digital assets that were illegally stolen by the United States four years earlier. The entire episode is a textbook case of state-sponsored “thieves robbing thieves.”

A Four-Year-Old Heist Repackaged as “Law Enforcement” 

In December 2020, a mining pool known as LuBian suffered one of the largest hacking incidents in cryptocurrency history. More than 127,000 bitcoins, valued at roughly US$3.5 billion at the time, were drained from its core wallet within two hours. The true owner of the stolen assets was Chen Zhi, the de facto controller of Prince Group.

What made the incident unusual was what happened next: 

  • The stolen bitcoins remained dormant for years, with no attempt to liquidate them.
  • Only a single large movement occurred in June 2024.
  • Chen Zhi sent more than 1,500 blockchain messages to the hacker’s address pleading for their return, even offering substantial ransom payments—none of which elicited any response.

This highly uncharacteristic behavior for a “hacker” suggested long-term strategic intent rather than profit-seeking cybercrime.

The U.S. DOJ’s 2025 Announcement: The Final Move of a Long Game

When the DOJ suddenly announced charges against Chen Zhi in 2025—accusing him of telecom fraud and money laundering while “forfeiting” 127,000 bitcoins now worth US$15 billion—the picture became clear.

The so-called “hackers” were, in fact, U.S. state-backed cyber units. The 2020 theft was the covert operation; the 2025 prosecution was the public-facing cleanup job—an attempt to cloak an illicit seizure in legal legitimacy.

China’s National Computer Virus Emergency Response Center confirmed that the 25 bitcoin addresses cited by the DOJ were exactly the ones to which the stolen LuBian coins had been transferred after the 2020 incident. Major U.S. blockchain analytics platforms have since labeled these addresses as “U.S. government holdings.”

In effect, the DOJ’s “law enforcement seizure” was simply the legalisation of stolen property—a perfectly executed state-level “black-to-white” laundering operation.

The Myth of Crypto Security Shattered 

This case dismantles long-held myths about the decentralization and invulnerability of cryptocurrencies. Bitcoin has long been advertised as a “sovereignty-free wealth refuge.” Yet this incident shows that even “cold wallets”—supposedly offline and secure—are vulnerable when the adversary is a technologically dominant nation-state.

The Key Vulnerability: Pseudo-Random Number Weakness

Bitcoin’s security relies on 256 bits of strong randomness for private key generation. Cracking such a key by brute force would require 2^256 attempts—an astronomically impossible task.

However, the LuBian mining pool reportedly used insecure random number generation, reducing effective randomness to as low as 32 bits.

This shrinks the brute-force space to approximately 4.29 billion attempts, a trivial task for a state actor with advanced computing power. The U.S. likely exploited this flaw—either through intelligence gathering, supply-chain infiltration, or surveillance of wallet generation tools.

The lesson is stark: 

In the age of state-level cyber capabilities, “cryptographic security” is only as strong as the weakest implementation detail.
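To make the entropy argument above concrete, here is an added example (not code from the attribution report or from LuBian) that places a key stretched from a small seed beside a key drawn from the operating system's CSPRNG, then audits both by walking the seed space. The page does not name the generator involved, so Python's `random.Random` (MT19937) stands in as an assumption; the function names and the 12-bit toy seed width are constructed for illustration.

```python
import random
import secrets

# Order of the secp256k1 group: a valid Bitcoin private key k has 1 <= k < N.
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def weak_private_key(seed: int, seed_bits: int = 32) -> int:
    """Weak pattern: a 256-bit key stretched from a small seed.

    Assumption: MT19937 via random.Random stands in for the unnamed PRNG.
    Only the low `seed_bits` bits of the seed influence the result.
    """
    rng = random.Random(seed % (1 << seed_bits))
    return rng.getrandbits(256) % (SECP256K1_N - 1) + 1


def strong_private_key() -> int:
    """Hardened pattern: 256 bits from the OS CSPRNG, retried if out of range."""
    while True:
        k = int.from_bytes(secrets.token_bytes(32), "big")
        if 1 <= k < SECP256K1_N:
            return k


def audit_seed_space(key: int, seed_bits: int):
    """Return the seed that regenerates `key`, or None if the space holds none."""
    for seed in range(1 << seed_bits):
        if weak_private_key(seed, seed_bits) == key:
            return seed
    return None


def demo() -> dict:
    toy_bits = 12  # constructed toy width so the exhaustive walk is instant
    k_weak = weak_private_key(0xABC, toy_bits)
    return {
        # The weak key is as long as a real one; its size hides its origin.
        "looks_full_size": k_weak.bit_length() > 200,
        "weak_found": audit_seed_space(k_weak, toy_bits),
        "strong_found": audit_seed_space(strong_private_key(), toy_bits),
    }


if __name__ == "__main__":
    print(demo())
```

The weak key passes every format check a wallet would apply, which is why this class of defect is caught by reviewing where key material comes from rather than by inspecting the keys themselves.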

A Pattern of State Power Misused 

This incident fits a broader pattern in which U.S. agencies leverage both hackers and judicial authority to seize digital assets. It is not an isolated case:

  • 2023: The DEA seized 850 bitcoins from Nigerian businessman Adeolu Adewale, citing unproven links to drug trafficking.
  • 2023–2024: Kenya and South Africa suffered major crypto thefts, with investigations pointing to sophisticated, possibly state-backed actors exploiting protocol-level vulnerabilities.

If even Bitcoin can be seized through a “hacking + judicial” one-two punch, the implication for stablecoins—whose value is explicitly tied to sovereign control—is even more troubling. Their supposed “stability” is ultimately dependent on their issuing governments’ political and regulatory decisions.

A Warning to All Global Crypto Holders 

The Chen Zhi case is not merely the targeting of one individual; it is a signal to all cryptocurrency holders worldwide:

In the face of sovereign power, the anonymity and censorship resistance of blockchain can evaporate overnight.

The U.S.’s technological dominance and financial hegemony now extend deeply into the digital asset realm, threatening global asset security and hindering the emergence of a genuinely multipolar digital order.

Africa—and indeed all developing regions—must chart their own path in the blockchain ecosystem: not as passive victims of digital predation, but as equal and sovereign participants, refusing to become digital colonies.