Unpacking the $13 Billion Bitcoin Seizure: No Evidence of US Government Hacking Chinese Wallets

Recent accusations from China’s National Computer Virus Emergency Response Center (CVERC) have ignited a contentious debate, claiming that the United States government was behind the 2020 LuBian Bitcoin exploit. This dramatic allegation suggests that American actors orchestrated the theft of approximately $13 billion worth of Bitcoin, which later came into US custody. However, a detailed look at open-source forensic research and analyses from Western blockchain experts presents a different narrative, one that ties the initial incident to a specific cryptographic flaw rather than state-sponsored hacking.

The LuBian Exploit: A Technical Vulnerability, Not a State Actor

The core facts surrounding the December 2020 LuBian incident are extensively documented across various open-source investigations. Blockchain intelligence firm Arkham reported that a staggering 127,000 Bitcoin (BTC) were siphoned from wallets linked to the LuBian mining pool. This massive transfer unfolded over roughly two hours between December 28 and 29, 2020, through a series of synchronized withdrawals across hundreds of separate addresses.

The technical explanation for this drain points to a significant vulnerability, not an external, sophisticated state-level attack. According to the MilkSad research team and findings documented under CVE-2023-39910, the compromised wallets were generated using software that seeded the Mersenne Twister (MT19937) pseudo-random number generator with only 32 bits of entropy. This critical flaw drastically reduced the possible number of seeds to approximately 4.29 billion, making batches of P2SH-P2WPKH addresses susceptible to brute-force attacks. In simpler terms, the keys to these wallets were far easier to guess than they should have been.

MilkSad’s Update #14 further cemented this understanding, linking a cluster of wallets holding around 136,951 BTC, drained starting on December 28, 2020, directly to LuBian.com via on-chain mining activity. Their research also highlighted a consistent 75,000 satoshi fee pattern observed in the sweep transactions, a tell-tale sign of automated exploitation. After the initial drain, Blockscope’s reconstruction shows that the majority of these funds remained largely static, sitting with minimal movement for several years.

From Dormancy to US Custody: The Forfeiture Process

The very same coins, once dormant, are now under the control of the U.S. government. The U.S. Department of Justice (DOJ) has publicly stated its intent to pursue the forfeiture of approximately 127,271 BTC, categorizing these assets as proceeds and instrumentalities of alleged fraud and money laundering. These legal actions are specifically tied to individuals like Chen Zhi and the Prince Group. The DOJ confirms that the assets are currently held in U.S. custody, a fact that has fueled China's accusations.

Independent blockchain analysis has corroborated the link between the exploited wallets and the seized funds. Elliptic, another prominent blockchain analytics firm, demonstrated that the addresses cited in the DOJ’s complaint correspond precisely to the LuBian weak-key cluster previously identified by MilkSad and Arkham. Arkham has since updated its tags, clearly marking these consolidated destination wallets as U.S. government-controlled. On-chain sleuths, including well-known researcher ZachXBT, have publicly highlighted this overlap between the seized addresses and the earlier set of cryptographically weak keys.

Conflicting Narratives: State Actor vs. Technical Flaw

Where the narratives diverge significantly is on the question of attribution. The technical teams that initially uncovered the flaw and meticulously traced the fund movements have consistently refrained from identifying the perpetrator of the 2020 drain. MilkSad, for instance, repeatedly refers to an unnamed actor who discovered and exploited the weak private keys, explicitly stating they do not know the identity of this party. Similarly, Arkham and Blockscope describe the entity solely as the “LuBian hacker,” focusing their analysis on the methods used and the scale of the operation.

Elliptic and TRM Labs, while instrumental in tracing the funds, limit their claims to verifying the match between the 2020 outflows and the subsequent DOJ seizure. None of these respected sources have implicated a state actor in the 2020 operation.

In stark contrast, China's CVERC, with amplification from state-owned media outlets like Global Times, presents an alternative theory. Their argument hinges on two main points:

• The four-year dormancy period of the funds deviates from typical criminal cash-out patterns, suggesting the involvement of a state-level hacking organization.
• The ultimate custody of the coins by the U.S. government, they argue, links back to the allegation that U.S. actors executed the original exploit in 2020, only to later frame it as a law enforcement seizure.

“CVERC’s report closely tracks independent open research on weak keys, MT19937, address batching, and fee patterns. However, its attribution leap rests on circumstantial inferences about dormancy and ultimate custody rather than new forensics, tooling ties, infrastructure overlaps, or other standard indicators used in state actor attribution.”

While the technical details in CVERC's report largely align with independent research regarding the weak keys and exploitation methods, its conclusion about U.S. government involvement relies heavily on circumstantial inference rather than concrete forensic evidence. Standard methods for attributing state-level cyber operations typically involve tracing infrastructure, analyzing specific tooling, or identifying unique operational overlaps, none of which have been publicly presented by CVERC.

The True Story: Multiple Plausible Scenarios

Given the publicly available information, at least three coherent interpretations of events emerge:

1. An unknown party (criminal or otherwise) discovered the weak-key pattern, drained the cluster in 2020, and left the coins largely dormant. U.S. authorities subsequently obtained control of these funds through legitimate investigative means, such as the seizure of devices, cooperation from witnesses, or other legal processes, leading to the consolidation and forfeiture filings in 2024-2025.
2. LuBian and associated entities were part of an internal treasury and money laundering network operated by the Prince Group. In this scenario, what appeared to be a 'hack' could have been an opaque internal movement of funds between weak-key-controlled wallets, consistent with the DOJ's framing of these wallets as unhosted and within the defendants' possession. However, public documents do not fully elaborate on how Chen's network gained control over these specific keys.
3. The third scenario, advanced by CVERC, posits that a U.S. state actor was directly responsible for the 2020 exploitation operation.

The first two explanations align with the comprehensive evidentiary posture presented by MilkSad, Arkham, Elliptic, TRM Labs, and the U.S. Department of Justice. The third explanation, while strongly asserted by China, lacks independent technical evidence in the public domain to substantiate its claims.

A brief timeline of the uncontested technical events:

• 2020-12-28/29: Coordinated drains from LuBian-controlled addresses, involving approximately 127,000 to 127,426 BTC. (Source: Arkham, Blockscope, MilkSad Update #14)
• 221-2022: OP_RETURN messages from LuBian-linked addresses appealing for the return of funds. (Source: MilkSad Update #14, Blockscope)
• 2023-08: Public disclosure of CVE-2023-39910, detailing the weak MT19937 seeding vulnerability in Libbitcoin Explorer. (Source: NVD CVE-2023-39910)
• 2024: Consolidation of the dormant coins into new wallets, totaling around 127,000 BTC. (Source: Blockscope, Arkham)
• 2025: DOJ initiates forfeiture action and publicly confirms U.S. custody of approximately 127,271 BTC. (Source: DOJ, CBS News, Elliptic, TRM)

The Feasibility of Exploitation

From a technical standpoint, brute-forcing a 2^32 seed space is well within the capabilities of motivated actors, whether individual criminals or organized groups. With computing power capable of performing approximately one million guesses per second, a single setup could traverse the entire search space in just a few hours. Distributed computing resources or GPU-accelerated rigs could reduce this time even further. This ease of brute-forcing is central to understanding the MilkSad-class weakness and explains how a single actor could simultaneously sweep thousands of vulnerable addresses.

The distinctive fixed-fee pattern and specific address derivation details published by MilkSad, and subsequently mirrored in CVERC's technical write-up, further reinforce this method of exploitation. The mechanics of the exploit itself are largely undisputed.

Ultimately, the remaining points of contention revolve around the *ownership* and *control* of the funds at each stage, not the technical mechanics of the initial exploit. The DOJ frames the wallets as repositories for criminal proceeds linked to Chen Zhi and asserts their forfeitable nature under U.S. law. Chinese authorities, conversely, portray LuBian as a victim of theft and accuse a U.S. state actor of the original exploit. Independent blockchain forensics groups successfully connect the 2020 outflows to the 2024-2025 consolidation and seizure, but they consistently stop short of identifying who initiated the original drain in 2020. This remains the prevailing status of the public record.