UK Government Wants to Keep $7 Billion in Stolen Bitcoin It Has Seized


The U.K. Government is seeking to keep most of the $7 billion in Bitcoin it seized in connection with a Chinese investment fraud, following the conviction of the fraud’s alleged organizer this week.

Zhimin Qian pleaded guilty on counts of possessing and transferring criminal property at Southwark Crown Court on Monday, following last year’s conviction of her assistant Seng Hok Ling (also known as Jian Wen) on similar counts. This conviction now raises the question of who will keep the 61,000 BTC originally seized by UK authorities in 2018, with upwards of 120,000 victims in China seeking compensation for their losses.

Read more…
Source: Decrypt News


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Ghostcommit attack hides malicious AI instructions in images

    July 13, 2026

    Ghostcommit is a proof of concept that shows how AI assistants used to review software code can be tricked by hidden instructions embedded in images. The academic ASSET Research Group showed that an attacker can place instructions inside an image file, point to it in an AGENTS.md file, and get an AI coding agent to follow those instructions during a ...

  • EU-UK sanctions target Russia over Europe-wide ‘vast cyber campaign’

    July 13, 2026

    The European Union and the UK have announced coordinated sanctions against Russia after accusing Moscow’s FSB intelligence agency of carrying out a cyber attack in December targeting Poland’s energy grid and orchestrating a wider campaign of digital sabotage across Europe. The joint measures focus on individuals and organisations linked to Russia’s security services, with the EU ...

  • Ukrainians are using VPNs to cause havoc in Russia by changing fuel station statuses on maps in a bid to cause chaos and confusion

    July 11, 2026

    A coordinated online campaign has reportedly encouraged users to alter fuel station information on digital maps across Russia, creating confusion among drivers. The activity involves changing station statuses by marking locations with available fuel as empty or showing closed stations as operational. Supporters of the campaign claim the effort is designed to disrupt travel decisions, increase uncertainty, ...

  • Supermarket chain Lidl warns customers after data leak

    July 10, 2026

    Unknown individuals managed to gain access to customer data held by the supermarket chain Lidl. The German company informed affected customers of this via email this week. Thus far, the supermarket chain has declined to say how many customers were affected. However, the discount retailer did state that it has notified the Dutch Data Protection Authority. Read ...

  • No Manners Here: The Ruthless Rise of The Gentlemen Ransomware

    July 10, 2026

    The Gentlemen (aka Storm-2697) is a Ransomware-as-a-Service (RaaS) program active since at least July 2025. Public reporting indicates that the operators were likely active months earlier as an affiliate (known as ArmCorp) of Qilin RaaS, which Unit 42 tracks as Spikey Scorpius. Their ransomware variants are written in both C and Go programming languages, enabling ...

  • Florida ransomware negotiator convicted for helping ransomware gang extort US companies

    July 10, 2026

    Florida man Angelo Martino has been sentenced to more than five years in prison for conspiring with hackers to deploy ransomware during his job as a ransomware negotiator for a U.S. cybersecurity company. The U.S. Department of Justice confirmed the sentence on Thursday, noting that the government seized more than $10 million worth of cryptocurrency and assets. Martino ...