Doj Seizes $15b in Bitcoin From 'pig Butchering' Scam Based in Cambodia
Posted3 months agoActive2 months ago
cnbc.comOtherstoryHigh profile
calmmixed
Debate
70/100
CryptocurrencyScamsLaw Enforcement
Key topics
Cryptocurrency
Scams
Law Enforcement
The DOJ seized $15B in Bitcoin from a 'pig butchering' scam based in Cambodia, sparking discussion on how the seizure was made possible and what will happen to the funds.
Snapshot generated from the HN discussion
Discussion Activity
Very active discussionFirst comment
21m
Peak period
108
12-24h
Avg / period
20
Comment distribution160 data points
Loading chart...
Based on 160 loaded comments
Key moments
- 01Story posted
Oct 14, 2025 at 11:08 AM EDT
3 months ago
Step 01 - 02First comment
Oct 14, 2025 at 11:29 AM EDT
21m after posting
Step 02 - 03Peak activity
108 comments in 12-24h
Hottest window of the conversation
Step 03 - 04Latest activity
Oct 21, 2025 at 12:41 AM EDT
2 months ago
Step 04
Generating AI Summary...
Analyzing up to 500 comments to identify key contributors and discussion patterns
ID: 45580981Type: storyLast synced: 11/20/2025, 8:14:16 PM
Want the full context?
Jump to the original sources
Read the primary article or dive into the live Hacker News thread when you're ready.
Clearly should’ve used an offline wallet lol.
tl;dr: Someone cracked these weak entropy wallets 3+ years before anyone else and kept it secret
Whether that was the USG or another entity has yet to be revealed
EDIT and were the keys cracked, or were the passphrases obtained ? It's mentioned elsewhere that he had them written down. Which would be a much easier "hack"
The ruling family in Cambodia is a big part of it, via their ownership in HuiOne (now renamed), which is essentially the clearing house for the 'industry'.
In fact the Thai-Cambodia border conflict is due to this industry, and a breakdown in the relationship between Thai and Cambodian leaders over it, with the wiley cambodian leader yet again provoking the sensitive border issue for political gain.
Cambodia is fully commited to scam centers and Thailand doesn't like that and even reached out to Xi directly for cooperation here. Not even a year later the conflict broke.
Finally, cambodia is not suffering at all and if anything the current dictator has become significantly stronger and the country has been on a huge nationalist rise as the dictators control the scam centers and easily repurpose them for online propaganda.
It's surreal how Cambodians are blindly, even passionately, following the government narrative of evil rapacious Thailand invading innocent peace-loving Cambodia, when there is strong evidence showing it was Cambodia provoking the issue to meddle in Thai politics, but there is such deep-seated pride (on both sides I think) that truth is disregarded.
What is making things worse is rest of the world abandoning Cambodia which justifies scam centers profits as there no other source of income. Cambodia is right next to relatively rich Thailand but has nothing to show - its easy to see how nationalism explodes in such conditions.
Khmer culture is basically an offshoot of the original Hindu, and then Buddhist culture from India. The language is the 'latin' of the region and based off sanskrit, and all the temples in the region are modeled on Hindu temples (representations of mount Meru).
Tai people came from SW China and colonized, if not assumed, this extant culture, and also of course intermingled and whatever.
So both populations share a deep and long history and are closely related.
The bad blood is completely manufactured here and as someone who works in IT the power of information control has never been as apparent as it is today.
Thailand's Thaksin is now in jail and his daughter, basically his avatar, has been removed from government. Mission accomplished.
And to get a sense of how powerful this scam industry is in the country, the latest news is of a young Korean murdered after being kidnapped by a scam gang. Korea has responded forcefully, calling out the danger, yet the Cambodian press is now full of accusations that Korea is defaming Cambodia, that they are just as guilty of human-trafficking Cambodian brides, that some Koreans who were 'rescued' from a scam center don't actually want to go home, that the international press are unfairly treating Cambodia ... you know the story by now.
They don't want to go home because they fear the Chinese criminal gangs would follow them home in South Korea where they were recruited in the first place by Korean-speaking Chinese for debts they accrued while they were held captive. Others also fear they could also be held liable for participating in their fraud -- even if they were forced -- not because they love getting beaten.
Cambodia is claiming they are 'detained' by immigration, and refuse to leave, making it sound like the Koreans themselves are the problem, trying to deflect from the real issue.
$15B of real wealth is a large amount even for a powerful family, so I am surprised it's not a headline news in global media.
> Chen personally maintained records of the wallet addresses and seed phrases associated with the private keys for each.
So it sounds like they have the seed phrases and thus the private keys.
[1] https://storage.courtlistener.com/recap/gov.uscourts.nyed.53...
If not, why wouldn't he just transfer the funds to a new seed?
[1] https://storage.courtlistener.com/recap/gov.uscourts.nyed.53...
The actual taking of the bitcoin is merely taking custody of the bitcoin. The forfeiture process changes the actual _ownership_. Think in terms of when the feds take cash from a car. FIRST they actually take the cash THEN LATER they file the forfeiture.
The article just says "private keys the defendant had in his possession" does this mean he was holding onto private keys that had no passwords / encryption at all that unlocked $15B?
Or does the government have an alternative way of "seizing" bitcoin? I remember years ago people throwing around conspiracy theories that bitcoin was invented by the NSA / other 3 letter agencies with a backdoor to basically allow easy tracking / seizure of criminal assets.
Im not a conspiracy theorist, but stories like these were the government seems so easy to seize such incredibly large amounts of money so easily seems to suggest some other mechanisms that aren't public.
> Chen personally maintained records of the wallet addresses and seed phrases associated with the private keys for each.
So he wrote the passwords down, basically.
[1] https://storage.courtlistener.com/recap/gov.uscourts.nyed.53...
https://www.economist.com/audio/podcasts/scam-inc
[0] https://www.lawfaremedia.org/article/starlink--an-internet-l...
They absolutely do: https://www.reuters.com/investigations/musk-ordered-shutdown...
Wonder how this whole concept overlays onto LLMs, with a lot more money on the line and a lot less regulation.
You end up dead because your co-conspirators don't want to end up in a cage.
In a way it's like with an overfunded startup: when at some point in time the music stops because even the last would-be investor realized that the business will never be profitable, the company collapses. But all those paychecks received for playing with Other People's Money don't magically return.
You underestimate the intensity of human greed.
Comparing a scam to war is inaccurate. The Cold War was a war running cold with the potential to go hot. Cambodia and America are not going to war over this.
To me "war" is a state of "no rules" hurting. IE nuclear, biological, any weapon goes. Anything less is an exercise in restraint - even if still quite terrible in it's own right.
Which means there are lots of "exercises" of varying lethality, risk profiles, spheres of influence, etc. And yes many countries are jockeying against other countries in varying ways.
Large scale scams against other countries could be seen as an unintended (not a planned government action) exercise that is condoned by the government.
Like whom? We (and let's be honest, every other great power) are at war with many countries all of the time, and while they may be cold for long stretches, they absolutely (a) go hot from time to time and (b) are constantly threatening to go hot.
Meanwhile, China never cracked down against similar scams in Cambodia. Most notably, Prince Group remains unsanctioned in China and it's leadership are Mainland Chinese in origin.
While pig butchering (along with opium and human trafficking and other organized crime activities) are a major reason behind Chinese involvement in Myanmar, ignoring the very real proxy war going on between Chinese and Indian interests in Myanmar fails to contextualize some of the decisions that both countries make within Myanmar.
This also explains why you don't see a similar crackdown in Cambodia, which is solidly within the Chinese sphere at this point.
[0] - https://www.stimson.org/2025/rare-earths-and-realpolitik-fut...
[1] - https://www.irrawaddy.com/news/war-against-the-junta/ignorin...
[2] - https://www.reuters.com/world/china/india-explores-rare-eart...
It's reminiscent of stories about Russian malware doing nothing on machines with Cyrillic keyboard layouts.
Cambodia continues to have scam centers targeting Putonghua speakers (including PRC nationals), but there hasn't been a similar crackdown on such activities due to Chinese pressure.
The crackdown in Kokang happened after China flipped to supporting the Tatmadaw against the Northern Alliance [0] and India began peeling historically India-aligned members of the alliance like the KIA and the Arakan Army back into Indian orbit [1].
P.S. Circa 2 years ago, a large portion of Chinese in SF Chinatown became Kokang and Cambodian Chinese. Bamar, Kuki-Zo, and Kachin Myanmarese primarily reside in Daly City, Ingleside/Outer Mission, and Oakland/East Bay.
SF has a lot of Asian and Latiné subcultures and communities - it's kind of insane how underdocumented it is under the guise of "Asian" and "Latino"
[0] - https://www.stimson.org/2025/too-little-too-late-china-steps...
[1] - https://www.reuters.com/world/asia-pacific/india-extends-unp...
Kachin is not a relevant location of scam centers. You can find articles that claim otherwise, e.g. https://www.ctol.digital/news/inside-worlds-largest-scam-emp... but from the fact that they mention the Thai border and the city of Myawaddy, which is in Kayin/Karen State, it's clear that they're just confusing Kachin and Kayin.
The Kachin Independence Army seems to finance itself through mining instead.
While it's true that some scammers were recently sentenced to death in China https://www.bbc.com/news/articles/c78nrx309kzo and this only happened after the Kachin Independence Army disrupted the rare-earth trade with China, that's just a temporal coincidence. The scammers were captured in 2023 in Laukkai in northern Shan State near the Chinese border by the MNDAA (an anti-junta armed group dominated by ethnic Chinese) as part of Operation 1027. China is rumored to have assisted the operation in order to crack down on the scam centers in junta-controlled territory. https://en.wikipedia.org/wiki/Operation_1027#Cyber-scamming_... The Kachin Independence Army also participated in Operation 1027, but in Kachin, not Shan.
I don't know about Cambodia.
As a result of that failure, all the Northern Alliance members began trying to pivot to other states or in the case of the MNDAA faced the brunt of the Chinese crackdown.
[0] - https://www.bnionline.net/en/news/juntamndaa-peace-talks-doo...
Maybe the reduction of Chinese support encouraged the Kachin Independence Army to seek cooperation with India, but you seemed to be claiming that causality was in the opposite direction (while also misidentifying who was running the scam centers), which I think is clearly contradicted by the timeline of events.
China literally runs black ops offices in New York [1] and Australia.
> also it does not want to upset Cambodia or Myanmar government when not necessary
There is no government in Myanmar. China (and India) heavily intervene in that conflict.
[1] https://www.justice.gov/archives/opa/pr/new-york-resident-pl...
I'm not sure I buy that definition. I think most understand a Cold War to be simply a "war" done without weapons but by other means — via economic means, propaganda, etc.
Cambodia's specifically 30-50% of the economy can be directly attributed to scamming plus casinos
This one of the other organizations / major bank used for money laundering directly linked to Hun Sen
https://en.wikipedia.org/wiki/Huione_Group
> The company is linked to Cambodia's ruling Hun family, which includes the current prime minister, Hun Manet.[4] His cousin Hun To is a major shareholder and director of Huione Pay
Are you saying that 30-50% of Cambodia's economy can be directly attributed to scamming and casinos? I find that shocking and hard to believe. Do you have a source for that statement?
the economy is not that big to start with :)
GDP $49.8 Billion (nominal; 2025)
Some examples
https://www.business-humanrights.org/en/latest-news/cambodia...
Formal estimates by who? Given that the GDP is around $50B, these (unsourced) numbers don't even make sense.
"The UK government says it has frozen assets owned by his network, including 19 properties in London - one of which is worth nearly £100m ($133m)."
How does this quote indicate that the UK was enabling Zhi?
Second, most of the money would not make it to the Cambodian economy. It is likely laundered abroad. The whole operation is likely multinational, with only the workforce located in Cambodia.
(not only for these cambodia originated crimes)
Also keep in mind all the bribes, all the money laundering mentioned in the article by the 100s of affiliated subsidiares of the criminal group all in Cambodia
the big casinos which directly and indirectly support additional laundering
https://www.fincen.gov/system/files/2025-10/Huione-Group-Fin...
https://www.kharon.com/brief/huione-group-cambodia-treasury-...
Every business has revenue / costs
The indictment mentions they were doing 30M/day ~ 10B / year, could be an old message when they were smaller
Guessing that's revenue
They're just one of many organizations in the "industry"
I agree about digital payments, but one of the things that I found disappointingly complex about Bitcoin is needing to receive change when making a payment (https://en.wikipedia.org/wiki/Unspent_transaction_output).
I only made a few Bitcoin transactions because I found the whole experience did not feel like the future. That was a while ago now, and as other commentors have pointed out, it not seems obvious that the real value in Bitcoin lies elsewhere.
There's very few opportunities for a small country without resources.
Between 1965 and 1973 US dropped 2,756,941 tones of bombs on 113,717 sites in Cambidia. Thats more bombs than all allies together used in all of World War II.
Tens of people still getting killed by them every year.
https://gsp.yale.edu/sites/default/files/walrus_cambodiabomb...
This is ridiculously false.
https://en.wikipedia.org/wiki/Barbary_Wars
If they're going to be only prosecuting crimes where there's something in it for them it's going to be a very unsafe society.
https://www.newyorker.com/humor/daily-shouts/l-p-d-libertari...
So did the U.S. hack this guy? Anyone who manages to build such a massive multi-national corporation with myriad illicit businesses but also dozens of legitimate businesses with thousands of employees - including a large bank with over 100,000 customers - and then operate it all for over a decade, doesn't strike me as someone who's trivially careless. I mean he managed to successfully protect that much money for a long time from his own criminal co-conspirators (who would certainly include hackers with insider knowledge of his operations), criminal competitors and all the people he was bribing like senior Cambodian politicians, law enforcement and intelligence agencies.
This just strikes me as either a very lucky break or a perhaps a sign that the FBI is adopting a new playbook to go after shielded international operations like this. Like maybe involving U.S. and 'Five Eyes' intelligence assets.
My assumption is that at this point they just have orders from a judge allowing them to do it and they will find the means later.
Yes, and the other big questions are how they even know about the existence of the bitcoin and then how they were able to demonstrate sufficient probable cause to a judge that A) the bitcoin belongs to the suspect, and B) this bitcoin is the direct proceeds of the charged crimes. Given the extremely unusual circumstances around this seizure, its unprecedented size and the complete lack of details - I suspect something new and interesting has happened here.
Unfortunately, we may never find out unless they manage to arrest the suspect, which seems unlikely. The more interesting scenario might be if the Prince Group files suit challenging the seizure. In that case, the government would not only have to produce evidence proving A and B above, but also that the evidence wasn't obtained illegally (like from secret NSA wiretaps on domestic Cambodian telecoms or targeted covert hacking). Given the circumstances, it's hard to imagine the FBI being able to offer plausible 'parallel construction' to support the legality of the evidence.
1. they are lying. The most obvious one. It's legal and is expected that law enforcement lie in the United States.
2. defendant was so dumb he had the funds in a crypto exchange account
3. Law enforcement has no idea what keys or crypto is. Also likely, law enforcement in the US is not required to be competent.
4. defendant was so dumb he landed on a flight in the US. This would be exceptionally stupid
5. The US military or the intelligence community either coerced the keys out of him or just beat the keys out of him. There are no jurisdictional issues with this approach. From what I understand this guy isn't very popular in any country, so few countries would care. Even fewer would want to publicly discuss how their sovereignty was violated
6. A random member of the criminal organization had access to most but not all of the keys. He showed up at a US embassy and said "well I did lots of bad stuff. I'd like to disappear now & not at a location named Guantanmo! How about we cut a deal"
My personal bet is on #3. It's effectively impossible for anyone to prove they don't have the keys. The only person who could do that would the defendant, who has no interest in doing so.
I think the most likely is a combo variant of #5 and #6. Maybe the USG (or a cooperating government) got leverage on one of his lieutenants - like lieutenant's adult kid goes to NYC to party for a weekend with friends without telling daddy and despite it being against dad's rules. USG quietly holds the kid under some immigration pretext (much easier these days) and forces the lieutenant to put a USB thumb drive in his boss's 'special' PC.
Alternatively, a probable weak point with most overtly criminal kingpins who accumulate literal billions is they really can't trust anyone around them to not steal it. So the guy probably has to keep the crypto keys to his 'big wad' physically with him on a mobile device or memory stick, maybe protected only by a password short enough he can remember it. In that scenario, the USG just does a 'sneak and peek' and images the device, maybe while the guy is transiting a third country. Then it's just a matter of either using one of the NSA's tier 1 vulns on the mobile device image or deploying the NSA's super-computer farm to crack the 'human-memorable' password. If so, it would have been much smarter for the guy to control access to the 'big wad' with split keys separated on multiple devices - and only keep one required part around his neck. Then neither the 'sneak and peak' nor the 'crowbar to the balls' methods would work.
In any of those scenarios, the very interesting part is it shows the Trump admin and Trump's new FBI head Kash Patel are willing to cross some new lines which haven't been publicly crossed before - like using secret intelligence assets for purely criminal enforcement. Note: I think the USG has done this before but it's been pretty rare and always been in ways that were unseen or otherwise deniable, because the CIA/NSA have been extremely resistant to using their best toys for fear of losing their best toys. I suspect the Trump admin has crushed this resistance. A potentially relevant fact is Kash Patel was previously on the National Security Council during Trump's first term, so he'd be familiar with intel assets. Obviously, in the near-term that's bad news for a handful of major international criminals and in the long-term it may be bad for US intelligence capabilities (as the reasons for CIA/NSA resistance weren't baseless).
> Those funds (the Defendant Cryptocurrency) are presently in the custody of the U.S. government.
> The defendant and his co-conspirators subsequently used some of the criminal proceeds for luxury travel and entertainment and to make extravagant purchases such as watches, yachts, private jets, vacation homes, high-end collectables, and rare artwork, including a Picasso painting purchased through an auction house in New York City.
My guess some of defendants were in New York or around the US. You can be a criminal master mind and also be a complete f*king idiot.
Am I slow??? or what under circumstance that you expect FBI to told press how their operate????
U.S. Sanctions Cambodian Conglomerate, Citing Role in 'Pig-Butchering' Scams
https://news.ycombinator.com/item?id=45584418
After obtaining the bitcoins, are they forced to sell it immediately? How does this affect the market?
> Once they did, however, the marshals fell back on standard procedure, preparing to handle the Bitcoin the same way they would a coke smuggler’s speedboat: by auctioning it off. That posed challenges because of the sheer size of the seizure—about 175,000 Bitcoins, or 2% of all the Bitcoin in circulation at the time. According to a prosecutor familiar with the case, the marshals opted for a staggered series of auctions to avoid crashing Bitcoin’s price. In four auctions between June 2014 and November 2015, the marshals sold the Silk Road Bitcoins for an average price of $379. (https://fortune.com/crypto/2018/02/21/government-forfeiture-...)
There were also some bitcoins seized from a hacker that stole them from Silk Road in 2013, and when they seized it in 2020 it was worth $1B, now it's worth $6.5B. Nice profit for the government. https://fortune.com/crypto/2025/01/09/federal-government-all...
Famously illiquid though.
Other way around, by executive order they're forced to hold it in a sovereign wealth fund.
> The practice is called “pig butchering” because scammers deliberately build up trust and emotionally manipulate victims over an extended period—much like fattening up a pig—before ultimately stealing as much money as possible in a final act of financial “slaughter”
https://en.wikipedia.org/wiki/Pig_butchering_scam
Well done DOJ. Hopefully the victims get their money back.
Admittedly it's doubtful whether this kind of activity would be captured by official statistics.
I know it’s a bit of a get out clause but it’s at least not obvious to me that this wouldn’t contribute, certainly the illegal nature is not a blocker for being counted in GDP.
And should their state sponsored criminal activities count for North Korean GDP for example?
How about cash it out and trickle it down to us... or is all that just gonna magically disappear?
[1] https://www.justice.gov/opa/pr/chairman-prince-group-indicte...
229 more comments available on Hacker News