RE:CZ

Analysis of the US Government's Seizure of Chen Zhi's $15 Billion Bitcoin

Financial Market Analysis

👤 Professionals and general readers interested in cryptocurrency enforcement, blockchain analysis, international money laundering investigations, and legal procedures.
This article systematically outlines the entire process of the US government's seizure of approximately $15 billion in Bitcoin from Chen Zhi, chairman of Cambodia's Prince Group. It begins by identifying 127,271 Bitcoins linked to Chen Zhi's telecom fraud and money laundering network through blockchain analysis, which originated from the 2020 LuBian mining company theft. The US Department of Justice obtained legal authority through criminal prosecution and civil forfeiture procedures, accusing Chen Zhi of operating forced labor scam camps and engaging in large-scale money laundering. Technically, investigators recovered seed phrases or private keys for 25 non-custodial wallets through real-world evidence collection, transferring the Bitcoin to a US government-controlled wallet in October 2025, completing the largest cryptocurrency seizure in history. The entire process combined on-chain evidence, court orders, and real-world forensics, demonstrating law enforcement's ability to track and seize crypto assets.
  • ✨ The US government seized approximately 127,271 Bitcoins controlled by Chen Zhi, valued at around $15 billion.
  • ✨ These Bitcoins were identified as proceeds from the 2020 LuBian mining company theft, used for telecom fraud and money laundering.
  • ✨ Blockchain analysis linked 25 non-custodial wallets to Chen Zhi's criminal network.
  • ✨ The US Department of Justice obtained legal authority through criminal prosecution and civil forfeiture procedures.
  • ✨ Investigators recovered wallet seed phrases or private keys through real-world evidence collection.
📅 2026-02-05 · 1,857 words · ~9 min read
  • Bitcoin seizure
  • Chen Zhi
  • US government
  • On-chain analysis
  • Civil forfeiture
  • Cryptocurrency enforcement
  • Money laundering investigation
  • Prince Group

Table of Contents

How Did the U.S. Government Seize Chen Zhi's Approximately $15 Billion in Bitcoin?I. The Conclusion First (Plain Language Version)II. Key Background: Why These 127,271 Bitcoins?1. The Parties Involved and Nature of the Crimes2. Connection to the Earlier "LuBian Theft Case"III. Timeline: How Did the U.S. Gradually Obtain These Bitcoins?IV. Legal Framework: "On What Basis" Did the U.S. Seize?1. Criminal Indictment2. Civil Forfeiture3. International Sanctions and Financial Blockade (Supporting Measures)V. Technical and Operational Level: How Exactly Did They "Get" These Bitcoins?1. On-Chain Analysis: Identifying These BTC as Controlled by Chen Zhi2. "The Wallets Are Unhosted," So How Did the U.S. Gain Control?3. After Obtaining the Seed Phrases, How Was the "Seizure" Completed?VI. Why Is This Called the "Largest-Ever Cryptocurrency Forfeiture Case"?VII. Relation to Chen Zhi's Extradition to ChinaVIII. Summary in One Sentence

How Did the U.S. Government Seize Chen Zhi's Approximately $15 Billion in Bitcoin?

2026-02-05

The following is a systematic breakdown and answer, based on public reports and professional on-chain analysis, regarding the process of "how the U.S. government specifically seized approximately $15 billion in Bitcoin belonging to Chen Zhi, Chairman of Cambodia's Prince Group."

I. The Conclusion First (Plain Language Version)

The U.S. did not "hack" into Chen Zhi's wallets. Instead, they:

  1. First used blockchain analysis to identify a large batch of Bitcoin addresses (approx. 127,271 BTC) linked to Chen Zhi, proving they were proceeds of telecom fraud and money laundering.
  2. Then used U.S. law through a "criminal indictment + civil forfeiture" process, obtaining a forfeiture order from the U.S. District Court for the Eastern District of New York, declaring these Bitcoins to be held in custody by the U.S. government.
  3. Obtained the wallet "keys" in the real world: Investigators recovered seed phrases/private keys for some wallets from Chen Zhi or his core team, or gained access through searches and evidence collection.
  4. Transferred these Bitcoins from wallets controlled by Chen Zhi into wallet addresses controlled by the U.S. government, thereby completing the seizure.

Therefore, the essence is the combination of three steps: "technically identifying the assets + legally obtaining the right of disposal + physically acquiring the private keys."

II. Key Background: Why These 127,271 Bitcoins?

1. The Parties Involved and Nature of the Crimes

  • Chen Zhi (also known as Vincent), founder and chairman of Cambodia's Prince Group, was accused by U.S. authorities of operating large-scale "forced labor scam compounds" in Cambodia, organizing "pig butchering" style cryptocurrency investment scams, defrauding global victims of tens of billions of dollars.1 2
  • These fraud proceeds were converted on a large scale into Bitcoin and other crypto assets and circulated through complex money laundering networks.

2. Connection to the Earlier "LuBian Theft Case"

A report by on-chain analysis firm Elliptic points out:

  • In December 2020, a Bitcoin mining enterprise named LuBian (operating in China and Iran) had approximately 127,426 BTC stolen.1
  • Initially thought to be a hack, but later U.S. Department of Justice indictments determined that the ultimate controller and user of these stolen coins overlapped significantly with Chen Zhi and his money laundering network.1
  • The stolen coins were split and transferred multiple times over subsequent years, with 127,271 BTC ultimately identified as being controlled by Chen Zhi.3 1

In other words: The U.S. determined that the 127,271 BTC under Chen Zhi's control were the very same coins stolen from LuBian and had been used in the telecom fraud money laundering network.

III. Timeline: How Did the U.S. Gradually Obtain These Bitcoins?

A concise timeline summarizes the process:

Time Event Relation to Seizure
December 2020 LuBian mining enterprise had approx. 127,426 BTC stolen Established the on-chain "traceable source of funds"1
Around 2021 Stolen BTC flowed through multiple transactions into several unhosted wallets Began overlapping with wallets controlled by Chen Zhi1
June–July 2024 This batch of BTC was collectively migrated to a new wallet cluster On-chain analysis showed funds moved to the stage just before entering wallets controlled by U.S. authorities1 2
October 14, 2025 U.S. Department of Justice (DOJ) announced:
① Criminal indictment of Chen Zhi;
② Filed civil forfeiture application;
③ Announced seizure of approx. 127,271 BTC, valued at ~$15 billion		 Officially launched and publicized the "largest-ever cryptocurrency asset forfeiture action"3 1
Mid-October 2025 onward Court approved civil forfeiture; BTC entered U.S. government "custody" Legally completed "seizure and custody by the government"4 3
January 2026 Cambodia arrested Chen Zhi and extradited him to China Criminal accountability continues in China, but U.S. had already seized the Bitcoin in 20255 6

IV. Legal Framework: "On What Basis" Did the U.S. Seize?

1. Criminal Indictment

The U.S. Attorney's Office for the Eastern District of New York (EDNY) indicted Chen Zhi on charges including:

  • Conspiracy to commit wire fraud
  • Conspiracy to commit money laundering

The indictment alleges:

  • Chen Zhi operated Cambodian "forced labor scam camps," forcing tens of thousands of people to conduct "pig butchering" style cryptocurrency investment scams;
  • Massive illegal proceeds were converted into crypto assets like Bitcoin and laundered through channels such as purported "mining enterprises."4 1

The role of the criminal indictment:
Provides the factual basis and "proceeds of crime" determination for the subsequent civil forfeiture.

2. Civil Forfeiture

Concurrently with the criminal case, the DOJ filed a civil forfeiture complaint with the court, seeking forfeiture of:

  • Approximately 127,271 Bitcoins (referred to as "Defendant Cryptocurrency" in DOJ filings),
  • Valued at approximately $15,000,000,000 (~$15 billion).4 3

Under civil forfeiture logic, if prosecutors can prove the assets are:

  • Proceeds of criminal activity, or
  • Instrumentalities used to commit crimes,

The court can rule that the assets should be forfeited to the treasury, to be held in custody or disposed of by the U.S. government, even if the defendant is not physically within the U.S.

3. International Sanctions and Financial Blockade (Supporting Measures)

  • The U.S. Treasury's OFAC placed Chen Zhi and Prince Group-related entities on sanctions lists, prohibiting U.S. persons from transacting with them and freezing their assets within the U.S. financial system.3 2
  • FinCEN, under Section 311 of the USA PATRIOT Act, designated associated institutions like Huione Group as "primary money laundering concerns," cutting off their access to the U.S. dollar clearing system.2
  • The UK government simultaneously froze Chen Zhi's high-value properties and other assets in London.3

The effect of these measures was: to block Chen Zhi's "fiat currency channels" and access to the formal financial system entirely, forcing his large assets to be exposed in the on-chain world, facilitating the U.S. "netting" of crypto assets.

V. Technical and Operational Level: How Exactly Did They "Get" These Bitcoins?

1. On-Chain Analysis: Identifying These BTC as Controlled by Chen Zhi

Synthesizing DOJ announcements and analyses from Elliptic and TRM Labs:4 3 1 2:

  • Investigators used blockchain analysis tools to track the flow of the 127,426 BTC stolen from LuBian in 2020 over several years;
  • Identified a cluster of 25 unhosted wallets that:
    • Were not wallets of any exchange or custodial platform;
    • Were controlled by Chen Zhi and his core associates;
    • Overlapped significantly with Prince Group's "mining enterprises," "investment platforms," and "money laundering channels";
  • The DOJ listed these addresses in the civil forfeiture filing and asserted that the BTC held in them were proceeds of Chen Zhi's criminal network.

Key Point: The U.S. did not make arbitrary claims. Using professional on-chain intelligence, they established a complete transaction path for "where each coin came from, which addresses it passed through, and where it ended up," building an evidence chain strong enough for court.

2. "The Wallets Are Unhosted," So How Did the U.S. Gain Control?

This is the part of most interest. According to detailed analysis by TRM Labs:

  • The BTC in those 25 unhosted wallets totaled approximately 127,271 BTC;
  • Chen Zhi himself held the seed phrases for several of these wallets;
  • Investigators later successfully "recovered" these seed phrases ("which investigators later recovered").2

Seed phrases are the "master key" that generates private keys. Once obtained, they grant full control over the wallet and its Bitcoin.

As for "how investigators obtained the seed phrases"—public details are not disclosed. Possible methods include:

  • Criminal detention and interrogation of intermediaries;
  • Searches and electronic forensics on Chen Zhi, his close associates, or technical team;
  • On-site seizure of notes, hardware wallets, or password management tools containing seed phrases/private keys.

Officials did not claim "hacker-style private key cracking." Media and on-chain firms generally believe this was real-world evidence collection + judicial compulsion, not technical brute force.

3. After Obtaining the Seed Phrases, How Was the "Seizure" Completed?

The process can be simplified as:

  1. Court approval of civil forfeiture:
    The court granted the DOJ's request, confirming these BTC were "forfeitable criminal property" and authorizing the U.S. government to take control.4 3
  2. Using the obtained seed phrases/private keys to access these wallets:
    Investigators or federal law enforcement technical teams used the recovered seed phrases to restore the wallets and initiate on-chain transfers.
  3. Transferring BTC to U.S. government-controlled wallet addresses:
    These addresses are typically managed specifically by the Treasury/Justice Department for holding seized digital assets.
  4. Status changed to "custody of the U.S. government":
    The DOJ announcement explicitly stated these Bitcoins are now "in the custody of the U.S. government,"4 indicating both legal and technical control.

Summary:
No mysterious hackers, just the combination of "on-chain evidence + court order + real-world key acquisition."

VI. Why Is This Called the "Largest-Ever Cryptocurrency Forfeiture Case"?

Multiple reports (DOJ announcement, BBC, CNN, Guancha.cn, etc.) mention:

  • The seized amount is 127,271 BTC, valued at ~$15,000,000,000 ($15 billion)4 3 7;
  • The U.S. Department of Justice publicly called it "one of the largest forfeiture actions in the history of the Justice Department."4 3

The landmark significance of this operation includes:

  1. Unprecedented Scale:
    Previous notable forfeitures like Mt.Gox and Silk Road were far smaller.
  2. Demonstrates "Bitcoin is not an untraceable, unseizable safe haven":
    As long as it appears on a public chain, there is a chance for law enforcement to "track it from start to finish."
  3. Showcases a Transnational Collaboration Model:
    U.S. DOJ + Treasury + collaboration with multiple countries (UK, Cambodia, China, etc.) formed a complete chain of "criminal indictment, civil forfeiture, financial sanctions, and extradition."

VII. Relation to Chen Zhi's Extradition to China

  • The chronological order is crucial:
    • October 2025: The U.S. indicted Chen Zhi and completed civil forfeiture and 'custody' of the Bitcoin;
    • January 2026: Chen Zhi was arrested in Cambodia and subsequently extradited to China.5 6

This means:

  • The U.S. first seized the on-chain assets,
  • Then Chen Zhi himself was taken to China for handling.

Current public information does not indicate the U.S. will directly transfer these BTC to China. However, future handling of partial asset returns may occur through U.S.-China judicial assistance or victim compensation mechanisms. This falls into the realm of political and judicial negotiation, with no definitive conclusion yet.

VIII. Summary in One Sentence

The U.S. government was able to seize Chen Zhi's approximately $15 billion in Bitcoin because: through years of on-chain tracking, they identified these BTC as proceeds of his fraud and money laundering; then, using criminal indictment and civil forfeiture procedures, they obtained legal authority for disposal; simultaneously, through investigation and evidence collection in the real world, they acquired the wallets' seed phrases/private keys; ultimately, they transferred the 127,271 Bitcoins from the 25 unhosted wallets controlled by Chen Zhi into wallets controlled by the U.S. government, achieving a judicial "seizure and forfeiture."

Footnotes

  1. 15 Billion US Seizure Reveals Prince Group’s Connection to Iran/China Bitcoin Mining Theft. Elliptic Blog.
    https://www.elliptic.co/blog/15-billion-us-seizure-reveals-prince-groups-connection-to-iran-china-bitcoin-mining-theft 2 3 4 5 6 7 8 9 10

  2. Operation Prince: Inside the Global Effort That Led to the Largest Forfeiture in US History. TRM Labs Blog.
    https://www.trmlabs.com/resources/blog/operation-prince-inside-the-global-effort-that-led-to-the-largest-forfeiture-in-us-history 2 3 4 5 6

  3. Prince Group Transnational Criminal Organization Case (Wikipedia).
    https://en.wikipedia.org/wiki/Prince_Group_transnational_criminal_organization_case 2 3 4 5 6 7 8 9 10

  4. Chairman of Prince Group Indicted for Operating Cambodian Forced Labor Scam Compounds Engaged... https://www.justice.gov/opa/pr/chairman-prince-group-indicted-operating-cambodian-forced-labor-scam-compounds-engaged 2 3 4 5 6 7 8

  5. Chen Zhi: Cambodia Extradites Alleged Scam Mastermind to China. BBC News.
    https://www.bbc.com/news/articles/cy4q8e88n2vo 2

  6. Alleged cybercrime kingpin Chen Zhi… CNN Report.
    https://www.cnn.com/2026/01/07/asia/chen-zhi-arrest-extradition-cambodia-china-intl-hnk 2

  7. Once Had $15 Billion in Bitcoin Seized by the US: Uncovering the Global 'Telecom Fraud King' Chen Zhi. Guancha.cn Report.
    https://www.guancha.cn/internation/2026_01_08_803187.shtml

See Also

Referenced By