Authorities seize crypto wallet... then accidentally publish the password - $4.4m gone

South Korea's National Tax Service accidentally exposed the mnemonic recovery phrase of a seized cryptocurrency wallet, leading to $4.4 million in crypto assets being stolen.

2

The stolen funds were stored in a Ledger cold wallet that was seized by local law enforcement during an operation targeting tax evaders. Law enforcement celebrated the success of the raid by releasing photos of the Ledger device containing the stolen funds, but failed to realize that the image also showed a piece of paper with a handwritten note containing the wallet recovery phrase. That phrase enables a user to recover the device's assets onto another device, and since it was made public, it was only a matter of time before the funds were stolen.

That's exactly what happened. Shortly after the press release was published, 4 million Pre-Retogeum (PRTG) tokens were transferred out of the confiscated wallet to a new address. Blockchain data analysis expert Cho Jae-woo, a professor at Hansung University in Seoul, commented on the theft of the digital assets, and said the mistake of law enforcement is comparable to the police finding a full wallet on the side of the street and advertising it to the nation that it's open and the money is free to take if they want it.

"On-chain data (Etherscan) analysis shows that the attacker first deposited a small amount of Ethereum (ETH) into the wallet to pay transaction fees (gas fees), and then meticulously transferred the 4 million PRTG tokens to their own wallet in three separate transactions," reads a Korean media report

Jae-woo said the mistake highlights law enforcement's lack of understanding of digital assets such as cryptocurrency.