Over $4 million in cryptocurrency has been stolen after a rookie mistake by the Korean tax authority. The agency "accidentally" published the wallet seeds online while releasing case files related to an investigation. This comes just a month after the Korean prosecutors’ office accidentally lost access to roughly 300 bitcoins due to mishandling of digital wallets and their seeds.
A Big Mistake
The wallets in question were seized by the Korean tax authority from large-scale tax evaders. At the time of the seizure, the cryptocurrency forfeited amounted to over $5 million. The authority went on to announce their successful seizure, publishing images of seized cash, USBs, and, of all things, wallet seeds—right there in plain sight, unredacted.
The Big Transfer
Shortly after this announcement, the funds were transferred out of the wallets, making them unrecoverable. The cryptocurrency stolen is an ERC-20 token known as Pre-Retogeum (PRTG). Korean media reported that the actors first created a wallet, pre-deposited a small amount of Ethereum for the base fees, and only then made the transfer. This adds an extra layer to the investigation, as there is already a potential trace that leads to the perpetrator.
A Bad History With Wallets
Over the years, Korean authorities have been notoriously poor at managing cryptocurrency wallets. As an example, back in 2021, the Korean government seized 22 bitcoins in a hacking case, but the wallet seed was left with a third-party custodian, which resulted in the loss of those funds. Arrests were made in relation to that case.
Additionally, earlier this year, in January, in a separate case, the Korean prosecutors’ office managed to lose the seed to a wallet containing over 300 bitcoins. After major media attention, they were able to locate the seed and recover the funds safely.
Korean Tax Authority Apologizes
The Korean Tax Authority issued an apology for this mistake. They stated that their intention was to provide vivid information to the public, but it ended up being exposed to the wrong parties. They fully admitted their error and took public responsibility for it. They also indicated that they will be updating their policies regarding the handling of such sensitive information.
Conclusion
Not much more is known about the perpetrator or where the funds went, but there is a fair chance they can be located in the future, especially if the initial Ethereum was purchased with identifiable details. Additionally, given the Korean government’s history with cryptocurrency wallets, one would expect them to be more careful in handling them—but this appears not to be the case, as this is their rookiest mistake yet.
0 Comments