South Korean authorities seized $5.6 million worth of crypto then accidentally posted pictures of the super-secret recovery phrase, resulting in the loss of... $4.8 million worth of crypto
If you've been having a bad week at work, I'm here to inform you that it could always be worse. South Korea's National Tax Service carried out law enforcement raids resulting in the seizure of cryptocurrency assets worth $5.6 million late last month, gained from 124 tax-evading citizens.
Quite the win, you would have thought (via Ars Technica). However, the agency then proudly released photos of a hardware crypto wallet containing $4.8 million worth of the ill-gotten gains—alongside a handwritten note clearly displaying the wallet's mnemonic recovery phrase.
For those not in the know, this 12-to-24 word sequence allows the recovery of a crypto wallet's contents, acting as a master key that can grant access to the wallet on other devices.
Guess what happened next. The following morning, the authorities were astonished to discover that the wallet had been emptied, and the vast majority of its seized cryptocurrency was therefore back in circulation. Or at the very least, tucked away inside the account of some opportunistic crypto enthusiast.
Professor Cho Jae-woo, director of the Blockchain Research Institute at Hansung University in Seoul and the original observer of the transaction, said: "This is like advertising to open your wallet and take your money."
"Taking a picture of a mnemonic code and storing it in a gallery, messenger, or cloud is something you should never do" he added. "Just like taking a picture of a bank security card in the past and storing it on a computer, taking a picture of [the mnemonic] and posting it on the web is essentially the same as saying, 'Take it all.'"
Which our opportunistic crypto thief seems to have done. The good news, though (and let's face it, the South Korean authorities need some at this point) is that the crypto is tied to an obscure token called Pre-Retogeum (PRTG), which looks to be very difficult to move onwards.
PRTG has a market valuation of around $12 million, and is only listed on a single exchange. The value stolen here would represent 40% of PRTG's entire supply, which means if significant amounts of it were to be sold, the token's value would likely plummet before the transaction was complete.
Officers within the South Korean NTC posted a public apology for the loss over the weekend, saying (via machine translation):
"This incident occurred as a result of carelessly providing the original photo to the media without recognizing that it contained sensitive virtual asset information in order to provide more vivid information to the public, and there is no excuse for it.
"The National Tax Service is taking this incident as an opportunity to conduct an external diagnosis of the entire security system and strengthen internal controls such as prior review to prevent the leak of sensitive information when making public disclosures, while completely revising the manual for the entire process of virtual asset seizure, storage, and sale."
As a final note, a quick bit of back-of-a-receipt maths suggests that roughly $800,000 worth of the seized crypto is still in the hands of the South Korean authorities.
That's a less impressive figure, but at least it means the National Tax Service will be less likely to post images of whatever device it's currently contained within. Next to today's newspaper, their post, and the names and addresses of everyone involved. Naturally.