$15 billion worth of BTC private keys have been cracked—tech miracle or the "Doomsday" warning for cold wallet security?

In October 2025, a lawsuit from the U.S. Department of Justice sent shockwaves through the crypto world: by seizing approximately 127,271 Bitcoin held by the Cambodian Prince Group and related entities, the U.S. government claimed a nearly $15 billion asset. This was not only one of the largest asset seizures in crypto history but also stunned the global tech community—these Bitcoins were not confiscated through traditional law enforcement raids but were “accidentally cracked” due to their private keys being compromised.

Is this the collapse of mathematical theory, or simply a result of a careless coding mistake? As Bitcoin (BTC) hovers around $65,000 on Gate’s market, this incident serves as a stark warning to all holders about asset security.

Not a victory for quantum computers, but a “random” failure

Many first think of the “miracles” or breakthroughs in quantum computing depicted in The Three-Body Problem. But the truth is far more brutal and closer to reality.

Bitcoin’s core relies on the secp256k1 elliptic curve algorithm, which theoretically makes brute-force attacks impossible due to its 2^256 private key combinations. However, the private key involved in this $15 billion asset was cracked, not because of a flaw in Bitcoin itself, but due to issues in the key generation process.

Investigations reveal that as early as December 2020, the well-known LuBian mining pool was attacked, resulting in over 120,000 BTC being transferred. Years later, it was traced back to a critical flaw in the Mersenne Twister (MT19937-32) pseudo-random number generator used by the pool. This pseudo-random algorithm is not a true entropy source; its generated private keys had an extremely reduced key space—equivalent to giving a safe a “master key.” Attackers exploited this pattern through brute-force enumeration to crack wallets en masse.

This means that the $15 billion in assets was not “mathematically” broken but was lost due to programmer negligence. According to the Milk Sad research team, between 2019 and 2020, wallets generated with weak keys held over 53,500 BTC.

Market fluctuations and the latest update on February 25

Although the seizure occurred at the end of 2025, its ripple effects continue to influence market sentiment. As of February 25, 2026, data from Gate’s spot market shows Bitcoin (BTC) at around $65,000, up 3% in 24 hours. Despite retreating from the early-year highs, the market demonstrates resilience amid U.S. midterm election momentum and macroeconomic policy uncertainties.

Notably, during Bitcoin’s dip below $65,000, on-chain data shows about 400,000 BTC being accumulated by institutions in the $60,000–$70,000 range. This “whale” accumulation at lower levels contrasts sharply with retail investors’ “extreme fear” (Fear & Greed Index at only 15 points), triggered by the private key security incident.

The “Doomsday Clock” for cold wallets: Not foolproof

This incident is called a “Doomsday Clock” because it challenges the industry’s blind faith in cold wallets. Typically, we believe that as long as private keys are kept offline (cold storage), assets are safe.

However, the $15 billion case proves a harsh truth:

1. Generation leads to destruction: If private keys are generated in insecure random environments, their “unpredictability” is compromised—even if never connected to the internet. Weak random number generation makes private keys essentially equivalent to public passwords.
2. Physical isolation has limits: Recently, South Korean police reported a similar scandal where millions of dollars worth of Bitcoin vanished from police cold wallets. Investigations pointed not to cryptographic hacking but to insider access or key management lapses.
3. Hidden vulnerabilities: Beyond random number issues during generation, legacy protocol flaws (such as errors in SIGHASH_SINGLE handling, CVE-2025-29774) could allow signature forgery and private key recovery. This reminds us that even “secure” code used for years may harbor time bombs.

How should Gate users respond under security safeguards?

In light of this landmark event, Gate’s content team must guide users to deepen their security awareness:

1. Reject closed-source randomness: Always use hardware wallets or reputable software wallets that source randomness from chip-level true random number generators (TRNG), not simple pseudo-random algorithms.
2. Diversify risk: Don’t put all eggs in one basket. While Gate employs multi-signature cold storage to protect user assets, for large personal holdings, multi-signature and sharded storage are essential to prevent single-point private key failures.
3. Pay attention to technical audits: When choosing mining pools or tools, ensure their code has undergone rigorous security audits. The 2020 Lubian pool incident shows that a flaw in a random number generator can wipe out $15 billion.

Conclusion

The cracking of private keys worth $15 billion is not a miracle of mathematics but a tragedy of code. It teaches us that true security isn’t just locking the private key in a safe but ensuring that the lock was made to be unique from the start.

At Gate, we uphold the utmost respect for user asset security. As of February 25, despite market oscillations around $65,000, we believe that only a store of value built on absolute security can withstand bull and bear markets. After all, private keys are power—lose the private key, lose everything.