China Accuses U.S. of Cyberattack Linked to Bitcoin Seizure
China has recently raised serious allegations against the United States, accusing Washington of orchestrating a cyberattack in 2020 that targeted the LuBian mining pool. The accusation suggests that this maneuver allowed U.S. authorities to seize around 127,000 Bitcoin—valued at approximately $13 billion—under the pretext of law enforcement activities.
CVERC Highlights State-Sponsored Cyber Operations
The claim originates from China’s National Computer Virus Emergency Response Center (CVERC), which argues that the breach of LuBian was not an isolated criminal act but rather a government-backed cyber operation. According to their report, the hack resulted in the draining of more than 127,000 BTC from LuBian’s hot wallets in December 2020. Notably, the stolen funds reportedly remained inactive for nearly four years before being transferred to new blockchain addresses in mid-2024.
Following the hack, the U.S. Department of Justice (DOJ) alleged that the Bitcoin was associated with Chen Zhi, chairman of Cambodia’s Prince Group, who faced charges related to crypto fraud. However, Beijing contends that the manner in which the Bitcoin moved and the lengthy period of inactivity indicate a coordinated government operation, rather than typical criminal behavior.
U.S. Rejects Accusations
In response to these claims, the U.S. Department of Justice has firmly denied any allegations of misconduct. They assert that the Bitcoin seizure constituted lawful asset forfeiture connected to ongoing anti-money laundering investigations. U.S. officials emphasize that all actions were conducted through legal channels, dismissing the cyberattack claims as unfounded.
In contrast, CVERC refutes this narrative, labeling the seizure as a “double cross.” They argue that the U.S. government used its law enforcement agencies as a cover for a covert cyber operation, referencing the unusual four-year delay in the movement of the stolen assets as a telltale sign of government involvement.
Security Flaws at LuBian
The report further highlights significant security vulnerabilities in LuBian’s systems. Instead of employing robust encryption measures, LuBian reportedly used a 32-bit pseudo-random algorithm rather than the more secure 256-bit random number generator. This oversight made it relatively simple for attackers to brute-force the private keys.
This kind of vulnerability, reminiscent of the MilkSad flaw (CVE-2023-39910), allowed hackers to compromise over 5,000 wallets in mere hours. At the time of the attack, the stolen Bitcoin was valued at $3.5 billion, yet it sat untouched until 2024, when it was alleged to have been transferred to wallets later linked to the U.S. government.
Growing Tensions in U.S.-China Cyber Relations
These allegations point to a worrying escalation in cyber tensions between the two countries, particularly concerning technology and digital currencies. The seized Bitcoin represents a notable fraction—around 0.65%—of the total Bitcoin supply, which could have broader implications for global markets if tensions continue to escalate.
As both sides brace for potential fallout, the narrative highlights the increasingly intertwined relationship between cybersecurity efforts and international diplomatic relations. At the moment, Washington maintains its stance that the seizure was a justified law enforcement action, while Beijing views it as a significant instance of state-sponsored hacking.
As the situation evolves, it remains to be seen how these accusations will shape the future dynamics of U.S.-China relations, particularly in the rapidly changing landscape of cybersecurity and digital assets.
