Overview
- China’s cybersecurity agency CVERC accused a state-level U.S. hacking group of stealing roughly 127,000 BTC from the LuBian mining pool in December 2020 and later presenting control of the stash as a seizure.
- U.S. prosecutors have sought civil forfeiture of about 127,271 BTC as proceeds of alleged fraud and money laundering tied to Chen Zhi and the Prince Group, stating the assets are in U.S. custody.
- On-chain data shows coordinated outflows in late 2020, followed by years of dormancy and then consolidation in mid‑2024 into wallets later tagged as U.S.-controlled by Arkham and other analytics firms.
- Open-source research, including MilkSad and CVE-2023-39910, attributes the original drain to weak random-number seeding that made affected addresses brute-forceable, a pattern echoed by Elliptic and Blockscope.
- Independent forensic teams do not publicly attribute the 2020 exploit to any state actor, and the DOJ rejects Beijing’s claim, describing the government’s actions as legitimate law enforcement.