US-Led Seizure of $15 Billion in Cryptocurrency from Southeast Asian Scam Empire
US authorities, in collaboration with their UK counterparts, executed a historic seizure of nearly 130,000 bitcoins, valued at approximately $15 billion, from a criminal organization operating out of Cambodia. This operation marks the largest financial seizure of any kind in US history. The criminal network, known as the Prince Group and led by CEO Chen Zhi (aka Vincent), ran massive scam compounds across Cambodia, Myanmar, and Laos. These compounds were notorious for using forced labor to perpetrate large-scale cryptocurrency investment fraud, commonly referred to as 'pig butchering' scams. Victims were lured into online relationships and convinced to invest in fraudulent crypto schemes, resulting in billions of dollars in losses worldwide. The scam operations were characterized by the use of violence and coercion, with trafficked workers held against their will and forced to conduct online fraud on an industrial scale. The US Department of Justice unsealed an indictment against Chen Zhi and the Prince Group, detailing the extent of the operation and the methods used to launder and store the illicit proceeds. The seized cryptocurrency represents the largest amount ever confiscated in a US law enforcement action, underscoring the global reach and financial impact of the scam. The operation also highlights the growing intersection of human trafficking and cyber-enabled financial crime, as the scam compounds relied on both physical and digital means to exploit victims and evade detection. The investigation revealed that the criminal group targeted victims in the United States and around the world, using sophisticated social engineering tactics to build trust before defrauding them. The seizure was the result of extensive international cooperation and intelligence sharing, reflecting the complexity of dismantling transnational cybercrime networks. Authorities emphasized the importance of disrupting the financial infrastructure of such organizations to deter future operations. The case has drawn attention to the need for increased vigilance and regulatory oversight in the cryptocurrency sector, as digital assets continue to be exploited by organized crime. The Prince Group's operations have been linked to a broader pattern of cyber-enabled fraud and human rights abuses in Southeast Asia. The US government has called for continued international collaboration to combat similar scam networks and to provide support for victims of both financial fraud and human trafficking. The indictment and asset seizure serve as a warning to other criminal enterprises leveraging technology and coercion for illicit gain. The operation is expected to have a significant impact on the global cybercrime landscape, disrupting one of the most prolific scam networks to date. Law enforcement agencies are continuing to pursue leads related to the whereabouts of Chen Zhi and other key figures in the organization. The case underscores the evolving nature of cybercrime, where traditional criminal methods are increasingly intertwined with advanced digital tactics and cross-border operations.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
6 events from the most recent confirmed update back to the earliest known activity.
Researchers claim satellites leak unencrypted communications data
Security research highlighted claims that satellites were leaking unencrypted communications data, exposing sensitive transmissions to interception. The report underscored risks from insecure legacy or poorly protected space-based communications systems.
Senator Wyden alleges federal agencies accessed Flock Safety data
Senator Ron Wyden sent a letter alleging that ICE, the Secret Service, and Navy investigators had access to Flock Safety's AI-powered license-plate recognition data. The allegation raised concerns about potential misuse of surveillance data by federal agencies.
Report reveals covert FBI 'Group 78' anti-Black Basta effort
European media outlets reported that the FBI had operated a secret 'Group 78' task force focused on disruptive actions against the Black Basta ransomware gang. The reported effort included discussions of operations inside Russia and attempts to encourage Russian prosecutions of gang members.
Hackers leak personal data of U.S. federal law-enforcement officials
A member of 'the Com' posted spreadsheets on Telegram containing personal information for hundreds of DHS, FBI, DOJ, and ICE officials, including some home addresses. The doxxing incident exposed sensitive details of U.S. federal law-enforcement personnel.
Researchers report North Korean EtherHiding malware delivery technique
Google researchers disclosed that North Korean hackers used an 'EtherHiding' technique, embedding malware-hosting logic in an Ethereum smart contract to deliver cryptocurrency-stealing payloads. The finding added new technical detail on how blockchain infrastructure is being abused for malware delivery.
U.S. seizes $15 billion in cryptocurrency from scam networks
U.S. authorities carried out a major cryptocurrency seizure valued at about $15 billion tied to Southeast Asian, including alleged Cambodian, scam and laundering networks. The action was highlighted as a significant law-enforcement disruption of large-scale fraud infrastructure.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
2 references tracked. Mallory keeps watching after this page renders.
See the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Record-Breaking $15 Billion Bitcoin Seizure from Prince Group Cybercrime Syndicate
Federal authorities in the United States and United Kingdom have executed a historic crackdown on the Prince Group, a transnational criminal organization based in Cambodia, resulting in the seizure of approximately 127,271 Bitcoin, valued at around $15 billion. This operation marks the largest cryptocurrency seizure in U.S. history and is part of a coordinated effort to dismantle one of the most prolific cyber-enabled financial fraud and human trafficking networks in the world. The Prince Group, led by Chen Zhi, also known as Vincent, has been accused of orchestrating widespread 'pig butchering' scams—sophisticated investment frauds that lure victims through social media, dating sites, and messaging apps, ultimately convincing them to invest in fraudulent cryptocurrency schemes. Victims' funds were systematically stolen and laundered through a complex web of over 100 shell and holding companies spanning more than 30 countries. The criminal enterprise relied heavily on human trafficking, forcibly recruiting and detaining thousands of individuals in heavily guarded compounds in Cambodia, where they were compelled to perpetrate scams under threat of violence. These compounds were described as modern-day slavery camps, featuring high walls, barbed wire, and harsh living conditions. The Prince Group also operated automated call centers, utilizing millions of phone numbers to facilitate their fraudulent activities on a global scale. Chen Zhi, the alleged mastermind, remains at large and is the subject of an international manhunt, with the FBI seeking information on his whereabouts. He faces up to 40 years in prison if apprehended and convicted. The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has imposed financial sanctions on 146 individuals and entities associated with the Prince Group, aiming to disrupt the organization’s financial infrastructure. The group’s operations have been ongoing since at least 2015, with law enforcement agencies noting the use of advanced cryptocurrency laundering techniques such as 'spraying' and 'funneling' to obscure the origins of illicit funds. Chen Zhi is also accused of bribing public officials to evade law enforcement scrutiny and maintain the group’s operations. The crackdown is being hailed as one of the most significant actions ever taken against cyber-enabled financial fraud and human trafficking, with officials emphasizing the global reach and devastating impact of the Prince Group’s activities. The seizure and sanctions are expected to significantly disrupt the group’s ability to operate and send a strong message to other cybercriminal organizations. Authorities continue to investigate the full extent of the Prince Group’s network and are working with international partners to identify additional victims and perpetrators. The operation underscores the growing intersection of cybercrime, cryptocurrency, and human trafficking, highlighting the need for continued vigilance and international cooperation. The Prince Group’s public-facing business activities in Cambodia masked its extensive criminal enterprise, which has now been exposed through this landmark law enforcement action. The case serves as a warning to other criminal organizations leveraging technology and human exploitation for financial gain. The Justice Department and its partners remain committed to pursuing those responsible and providing support to the victims of these crimes.
Mar 21, 2026
US Crackdown on Southeast Asian Crypto Scam Networks and Prince Group Forfeiture
The U.S. Department of Justice, in collaboration with federal law enforcement and interagency partners, has intensified efforts to combat large-scale cryptocurrency-enabled fraud originating from Southeast Asia. This includes the creation of the Scam Center Strike Force, which targets scam compounds that use forced labor to perpetrate investment fraud, and the designation of groups such as the Democratic Karen Benevolent Army (DKBA) and companies like Trans Asia and Troth Star for their roles in these operations. The U.S. government estimates that Americans lost at least $10 billion to such scams in 2024, a significant increase from previous years, and has already seized over $401 million in cryptocurrency assets, with further forfeiture actions underway. A notable case in this crackdown involves the Prince Group, led by Chen Zhi, which operated forced-labor scam compounds in Cambodia. The U.S. Department of Justice unsealed an indictment against Chen Zhi for wire fraud and money laundering, and filed a civil forfeiture complaint for approximately 127,271 Bitcoin—proceeds from these illicit activities. The Chinese National Computer Virus Emergency Response Center (CVERC) has alleged that the U.S. may have acquired these bitcoins from a 2020 attack on the LuBian bitcoin mining pool, raising geopolitical tensions. The Prince Group action is seen as a landmark in the ongoing U.S. campaign to disrupt the infrastructure behind Southeast Asian pig butchering scams and related cybercrime.
Mar 21, 2026
Arrest and Extradition of Chen Zhi for Multi-Billion Dollar Crypto Scam Operations
Chen Zhi, the founder and chairman of the Prince Group conglomerate, was arrested in Cambodia and extradited to China following a joint investigation by Cambodian and Chinese authorities. U.S. prosecutors allege that Chen orchestrated a massive crypto fraud network involving forced-labor scam compounds in Cambodia, which generated billions of dollars through cryptocurrency investment and romance scams. The U.S. Department of Justice previously filed its largest-ever forfeiture action, seizing billions in bitcoin allegedly linked to Chen's operations, while the U.K. and other jurisdictions have confiscated properties associated with the Prince Group. The arrest and extradition of Chen Zhi, along with two associates, marks a significant law enforcement action against Southeast Asia’s extensive cyber scam industry. In October, Chen and 128 entities linked to him were sanctioned by the U.S. and U.K., and authorities in Taiwan, Singapore, and Hong Kong have also seized assets connected to the group. The Prince Group’s operations, which spanned real estate, banking, entertainment, and airlines, are now under intense international scrutiny for their alleged role in orchestrating large-scale online fraud and human trafficking for scam operations.
Mar 21, 2026