South Korea’s National Tax Service (NTS) turned a routine enforcement action into a major security failure after publishing a press release that exposed private keys, resulting in the loss of $4.8 million in seized cryptocurrency.
The agency released high-resolution photos of confiscated hardware wallets that clearly showed a handwritten seed phrase, enabling on-chain actors to remotely drain 4 million PRTG tokens.
The mistake was preventable. Instead of transferring the assets to newly secured government-controlled wallets, officials displayed the original recovery phrase publicly. Within hours, the funds were gone.
One image featured a Ledger hardware wallet placed beside a note containing the full seed phrase. The resolution was sharp enough to read every word, effectively exposing total control of the assets.
According to reports, the theft occurred in two stages. An initial actor drained the wallet but later returned the funds. Roughly 2.5 hours later, a second actor transferred the restored assets out permanently.
Authorities are investigating, though recovering the funds may prove difficult given the irreversible nature of blockchain transactions.
