China has accused the United States of being secretly involved in one of the largest Bitcoin thefts in history. The hack that took place in 2020 – worth $4 billion – has evolved into a geopolitical conflict over digital assets, and the conflict centers around the China-based Bitcoin mining complex, LuBian, which was hacked on December 29, 2020, resulting in the loss of 127,272 BTC currencies, worth the equivalent at the time of approximately $3.5 billion.
Coins belonging to Chen Zhi of Cambodia’s Prince Group sat dormant for four years before the U.S. Department of Justice (DOJ) announced in October 2025 that it had seized 127,000 Bitcoins and charged Chen with stealing them.
A wallet linked to Lubian moved 11,886 BTC (~$1.3 billion) within a day of a DOJ filing. @lookonchain And @ArkhamIntel followed the flows like @TheJusticeDept Details Lubian Bitcoin Transfers in Forfeiture Case.#Bitcoin #CryptoLaw
https://t.co/Tz6XS1DxvB – Cryptonews.com (@cryptonews) October 15, 2025
Did Washington discover the LuBian hack? Blockchain Investigations Indicate Covert Operation
Blockchain analysts and Chinese commentators say the Bitcoins seized by U.S. authorities could be the same ones stolen from China’s LuBian mining complex in 2020, raising speculation that Washington gained access to them years ago through a covert operation. Blockchain investigations – conducted by Arkham Intelligence and Elliptic – revealed that the wallet addresses mentioned in the US Department of Justice indictment match wallets linked to the hack. LuBian in 2020. Transaction records indicate that on the day of the attack, the LuBian main wallet transferred 127,272 BTC to an unknown address, roughly the same amount that was later confiscated by US authorities. According to analysts, the attackers at the time exploited a vulnerability in the pseudo-random key generator (32-bit PRNG) of the LuBian compiler similar to the encryption error that was later revealed in the MilkSad case in 2023.
This vulnerability allowed hackers to test thousands of random keys on wallets in a matter of hours. This led to 90% of LuBian’s balances being depleted, and the stolen currencies remained dormant for several years, while LuBian’s management and its owner Chen Zhi sent, via the OP_RETURN function of the Bitcoin blockchain, more than 1,500 messages in 2021 and 2022 demanding that the thieves return the money and also offered to pay a ransom, without any response.
Blockchain tracking software detected new movements for these wallets in June 2024; About 127,000 Bitcoins were transferred to new addresses that Arkham then assigned to the U.S. government, and the Justice Department announced the seizure several months later, prompting Chinese observers to question how and when the U.S. government obtained the private keys.
After that, the Justice Department did not disclose technical details, but claimed that “the assets were linked to criminal activity and laundered through mining networks operating in China and Iran,” but blockchain data reviewed by analysts suggests that the balances came directly from the hacked LuBian wallets.
Dormant LuBian wallets transfer $3.1 billion in Bitcoin under pressure from the US government
Wallets linked to the LuBian hack have seen new activity since the US Department of Justice’s announcement, as blockchain monitoring platform Lookonchain reported – on October 15 – that one of the dormant wallets had transferred 11,886 Bitcoins – worth around $1.3 billion – to several new wallets, and that another 15,969 currencies (worth $1.83 billion) had been transferred a week later, on October 22. October 1 – to 4 more wallets according to OnChainLens data.
Wallets linked to LuBian move 15,959 BTC worth $1.83 billion, marking the second transfer in two weeks following the October 15 movement of 11,886 BTC worth $1.3 billion following the DOJ case.#Bitcoin #Lubian #DOJhttps://t.co/SLHs8g9uJF – Cryptonews.com (@cryptonews) October 22, 2025
Analysts question whether these transfers are preemptive or a preparation for sale, and although all wallets linked to the hack are still subject to sanctions without information on the whereabouts of their owner, Chen Jie, the LuBian case has become a warning for the decentralized finance (DeFi) sector and the security of crypto infrastructure. Although the hack represents a benchmark for early security breaches in the crypto industry, the incident highlights the risks associated with weak random number generators, which caused Wintermute to lose approximately $160 million in 2022.
Finally, the US and UK have separately engaged in significant seizures of Bitcoin balances linked to Chinese operations, with UK authorities handling a £5 billion ($7.2 billion) Bitcoin balance seized in 2018 from Chinese defendants; The UK Supreme Court is considering whether to return the assets of 130,000 Chinese investors or keep most of the confiscations in the public purse.
China accuses the United States of being secretly involved in a hacking operation involving $4 billion worth of Bitcoin (BTC). What is really happening? appeared first on Cryptonews Arabic.