Soon after South Korean police posted a press release boasting about seizing $5.6 million worth of cryptocurrency from 124 wealthy tax evaders, cops realized that they had mistakenly posted images that made it possible for a thief to quickly steal most of the seized assets.
Eventually, the press release was removed, but not before it was grabbed by local media outlets and tech publications covering the theft.
Bleeping Computer shared a screenshot of the retracted images, which showed a handwritten note next to a Ledger device that’s used as a so-called “cold wallet” to store crypto out of reach of online threats. Clearly legible in the photo, the note contained a complete mnemonic recovery phrase that anyone can use as a master key to move assets off the cold wallet to a new wallet without any additional PIN or permissions required.
A blockchain analysis expert, Cho Jae-woo, told a South Korean news site that 4 million PRTG (Pre-Retogeum) tokens—worth approximately $4.8 million—were in the wallet when the thief struck. The Block reported that on-chain data from Etherscan indicated that “the party who moved the funds first deposited a small amount of ETH into the wallet to cover transaction fees, then transferred the 4 million PRTG tokens out in three transactions.”
On Sunday, officers with South Korea’s National Tax Service posted another press release, “deeply” apologizing for the leak compromising the seized assets.
In it, cops explained that they included the images to make the release more eye-catching, but they were careless in failing to redact the crypto wallet password from the images. They acknowledged there was no excuse for the error and confirmed they were launching an investigation with national police, attempting to trace the transfer and retrieve the lost funds.