China has leveled a cyberattack accusation against the United States, claiming Washington orchestrated the 2020 hack of the LuBian mining pool and later seized 127,000 Bitcoin—worth about $13 billion—under the guise of law enforcement.
The claim, made by China’s National Computer Virus Emergency Response Center (CVERC), adds a new layer to escalating cyber tensions between the two countries. The agency alleges that the U.S. Department of Justice (DOJ) used “state-level hacking tools” to steal and control the stolen cryptocurrency before officially announcing its seizure in 2025.
CVERC Claims State-Level Hacking
According to the CVERC report, the 2020 LuBian mining pool hack was not a typical criminal incident but a state-sponsored cyber operation. Attackers drained over 127,000 BTC from LuBian’s hot wallets in December 2020. The stolen funds stayed inactive for nearly four years before moving to new blockchain addresses in mid-2024.
The U.S. DOJ later claimed the Bitcoin was linked to Chen Zhi, chairman of Cambodia’s Prince Group, who was charged with crypto-related fraud. However, Beijing argues the movement patterns of the coins and the delayed action suggest a coordinated government operation rather than criminal activity.
U.S. Denies the Cyberattack Accusation
The U.S. Department of Justice has denied any wrongdoing, describing the Bitcoin seizure as lawful asset forfeiture tied to ongoing anti-money laundering investigations. Officials maintain that all actions followed legal channels and were not connected to any cyberattack accusation.
CVERC, however, disputes this version of events, calling the seizure a “double cross.” It claims the U.S. government used its law enforcement agencies as cover for a cyber operation. The report also highlights the unusual four-year dormancy of the stolen assets, which it says is inconsistent with typical hacker behavior.
Weak Wallets Led to the 2020 Breach
The report also pointed to major technical flaws in LuBian’s security setup. Instead of using a 256-bit random number generator, LuBian reportedly relied on a 32-bit pseudo-random algorithm, making its private keys easy to brute-force.
This vulnerability—similar to the MilkSad flaw (CVE-2023-39910)—allowed attackers to breach over 5,000 wallets in just hours. The stolen coins, worth $3.5 billion at the time, stayed untouched until 2024, when they were allegedly transferred to wallets later controlled by the U.S. government.
A New Flashpoint in U.S.-China Cyber Relations
The China cyberattack accusation highlights growing geopolitical friction over technology and digital assets. The seized Bitcoin represents around 0.65% of the total Bitcoin supply, a significant sum with the potential to impact global markets if further disputes arise.
While the U.S. has yet to formally respond to the latest claims, the case highlights how cybersecurity and cryptocurrency enforcement are becoming increasingly intertwined with international diplomacy.
For now, both sides are standing firm: Beijing sees the seizure as a state-level hack, while Washington continues to frame it as a legitimate law enforcement action.