Redazione RHC : 12 November 2025 18:54
We’re talking about 11 billion euros. A staggering figure!
China’s National Computer Virus Emergency Response Center (CVERC) said that a state-run entity, likely U.S. , was behind a 2020 attack on a Bitcoin mining company .
Recently, the CVERC published a report on Weixin describing an attack on the operator of the LuBian mining pool, which operated in China and Iran. Following the incident, unknown attackers stole 127,272 bitcoins.
According to the center, the owner of the stolen funds was Chen Zhi, chairman of the Cambodian Prince Group. In early 2021 and in July 2022, he left messages on the blockchain demanding the return of the cryptocurrency and offering a ransom, but to no avail.
CVERC experts note that the stolen bitcoins were stored in a single wallet for nearly four years and remained virtually unused. This behavior, in their view, is characteristic not of common criminals, but of a state entity capable of maintaining control over the assets for a long time.
The report also links the incident to the events of October 14, 2025, when the U.S. Department of Justice announced charges against Chen Zhi for fraud and money laundering. According to U.S. investigators, he ran forced labor camps and anti-fraud centers in Cambodia.
At the same time, the U.S. Department of Justice filed a forfeiture request for approximately 127,271 bitcoins, citing them as “proceeds and instrumentalities” of illegal activity. The department stated that the cryptocurrency was previously stored in Chen Zhi’s personal wallets but is now under the control of the U.S. government.
The CVERC claims that its analysis of blockchain records confirms that the same coins did indeed end up in addresses associated with the United States. Therefore, both sides agree on one point: the bitcoins stolen from Chen Zhi now belong to Washington.
However, the Chinese report makes no mention of the businessman’s connection to forced labor camps. This is disconcerting, given that Beijing publicly condemns such schemes: Chinese citizens are often victims, and the authorities have repeatedly reported joint operations to dismantle them and harsh sentences for their organizers.
Equally unusual is the report’s conclusions, which CVERC addresses to the Chinese blockchain community and mining pool operators with recommendations for strengthening cybersecurity. This seems contradictory, given that China officially banned cryptocurrency mining and trading in 2021.
Analysts believe the CVERC’s publication may be part of a domestic information campaign aimed at reinforcing China’s image as a victim of cyberattacks. Beijing has previously published similar reports, claiming it is not conducting illicit operations and that US hacking allegations, including the Volt Typhoon incident, are fabricated.
Redazione
