South Korean Police Lose Seized Crypto by Posting Password Online
Source: Hacker News
Overview
South Korea’s National Tax Service seized crypto assets during recent enforcement actions against 124 high‑value tax evaders. The operation initially confiscated holdings worth about 8.1 billion won (≈ $5.6 million). A press release later showcased the effort, including photographs of seized Ledger hardware wallets and handwritten notes displaying the wallets’ seed phrases.
How the seed phrase was exposed
The high‑resolution photos published in the press release revealed the mnemonic recovery phrases, the master keys that unlock the wallets. Because the seed phrases were visible, the offline cold‑storage protection of the Ledger devices was effectively nullified. Anyone with a phrase can import the corresponding wallet into software or another hardware device and transfer the funds without needing the original Ledger.
Theft execution and value
An unknown individual who saw the published photos first added a small amount of ether to one of the addresses to cover Ethereum network gas fees. They then executed three transfers, moving approximately 4 million Pre‑Retogeum (PRTG) tokens. At the time of the theft, those tokens were valued at about $4.8 million.
Reporting from The Block notes that liquidating that amount of PRTG would have been difficult due to market dynamics.
“The incident showed the tax authorities’ basic lack of understanding of virtual assets,” said a Hansung University professor, according to a local report.
Official reaction and criticism
Because the seed phrase was widely distributed in the press release, investigators have no clear suspect; any observer could have carried out the theft. The loss highlights the challenges of recovering crypto once it leaves the custody of law enforcement, as there is no central authority to claw back assets in most cases. Recovery is only feasible when stablecoins are involved or when the funds reach a regulated exchange that can cooperate with authorities.
Prior law‑enforcement seizures gone wrong
This is not the first mishap involving seized crypto in South Korea.
- November 2021 – Gangnam Police Station seized 22 bitcoin during a hacking investigation. The coins were stored in a wallet provided by the A Coin Foundation, and the recovery phrase later fell into third‑party hands.
- Last week – Police arrested two individuals linked to the foundation on suspicion of using that phrase to drain the bitcoin from evidence storage. The 22 bitcoin are now worth around $1.5 million.
Broader security concerns in crypto
- Self‑custody risks – Full control of private keys places significant responsibility on individuals, creating new vulnerabilities.
- Physical robberies – Criminals are increasingly targeting people known to hold large crypto sums. A recent incident in Scottsdale, Arizona, involved two teenagers who drove over 600 miles, posed as delivery drivers, and forced a couple at gunpoint to hand over crypto they believed was worth $66 million.
- Insider threats – Employees and officials with access to personal data can become security holes. Examples include a former Revolut staff member allegedly attempting blackmail and a French tax official reportedly selling crypto users’ personal data to criminal networks.
- Scams using crypto ATMs – Scammers direct victims to crypto ATMs, after which recovery is nearly impossible. This tactic has heavily impacted elderly victims in the United States. Minnesota lawmakers and police are pushing for a complete ban on crypto ATMs, with similar concerns raised in Maine, Massachusetts, Kansas, and other states. The FBI estimated the nationwide impact of such scams at $333 million in a single year, not counting December.
These cases illustrate that while crypto offers independence from traditional financial systems, it also introduces a range of new security challenges that affect individuals, law‑enforcement agencies, and regulators alike.