China Alleges a Nation-State Entity Hacked LuBian After the DoJ Seized Cryptocurrency in the Prince Group Scam
Published on November 12, 2025
Key Takeaways
- U.S. seizure: The U.S. DoJ has seized over 127,000 Bitcoin linked to the chairman of the Prince Group, who is indicted for operating a forced-labor scam.
- Chinese allegations: China's CVERC alleges that U.S. hackers were behind a 2020 hack that originally stole the Bitcoin.
- Scam connection: The DoJ actions are tied to charges of wire fraud and conspiracy to launder money against Prince Group’s Chen Zhi.
China's National Computer Virus Emergency Response Center (CVERC) has made allegations against the U.S. in a recent report concerning a significant cache of Bitcoin linked to the Prince Group Bitcoin scam, claiming that a 2020 hack against the LuBian bitcoin mining pool was orchestrated by a nation-state actor, likely the U.S.
U.S. Justice Department Announces Seizure and Indictment
The agency's Sunday analysis points to the fact that the approximately 127,271 Bitcoin stolen in the LuBian hack remained dormant for 4 years, which it argues is uncharacteristic of typical cybercriminals and suggests state involvement.
The allegations follow an October announcement that the U.S. Department of Justice (DoJ) unsealed an indictment against Chen Zhi, the chairman of Prince Group. The charges include wire fraud and money laundering conspiracies related to his direction of a forced labor scam operating out of compounds in Cambodia.
Screenshot from the CVERC report (machine-translated) | Source: CVERC
Concurrently, the DoJ filed a civil forfeiture complaint against approximately 127,271 Bitcoin, stating the assets are the proceeds of Zhi's illicit activities and are now in the custody of the U.S. government.
CVERC's report details a forensic analysis suggesting these are the same funds from the 2020 hack.
Implications for Cryptocurrency Security and Geopolitics
This incident highlights significant cryptocurrency security risks and adds a layer of geopolitical tension to international cybercrime enforcement, with the latest allegations being that U.S. cyber espionage targeted China’s National Time Service Center.
While the U.S. and China agree on the essential facts—that the Bitcoin was stolen from Zhi and is now in U.S. possession—their interpretations diverge sharply.
CVERC's report notably omits the DoJ's context of the forced-labor scam camps, which China has actively worked to dismantle due to their impact on Chinese citizens.
Related
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular