S.Korea’s Tax Agency Leaked Crypto Master Key — and Got Robbed Twice

South Korea’s National Tax Service (NTS) is dealing with intense scrutiny after a leak of a non-public safety key. This error led to the consecutive theft of 4 million seized PRTG tokens (approx. $4.8 million).

The debacle raises severe questions on whether or not the Korean authorities can securely handle the digital property it seizes.

A Comedy of Errors

The incident started on February 26 throughout a press convention relating to high-value tax delinquents. The NTS distributed images of seized cold-storage USB wallets to showcase its enforcement success. However, these photos inadvertently included the “mnemonic code,” a 24-word grasp key used to entry digital property.

According to blockchain information and police experiences, the PRTG tokens had been stolen twice within 24 hours. The first breach occurred early on February 27. An particular person, claiming to be an bizarre investor, used the uncovered code to empty the pockets.

In a shocking twist, this “first hacker” contacted the police and media on February 28. He submitted a confession, stating he took the cash “like choosing up waste paper” as a result of it was too simple. He claimed he returned the complete 4 million PRTG tokens to the NTS pockets shortly after.

The restoration was short-lived. Just two hours after the return, a second entity focused the identical weak pockets. This second actor efficiently transferred your complete steadiness to a pockets flagged for “pretend phishing” actions.

Systemic Failures in Asset Management

Security specialists criticized the NTS for failing to safe the returned funds. The company didn’t transfer the property to a brand new, safe pockets after the preliminary breach. This allowed the second thief to make use of the identical uncovered mnemonic code.

The NTS said they can’t present particulars as a result of ongoing investigation. However, they maintained that no additional administrative errors occurred through the second switch.

The stolen asset, PRTG, is primarily traded on a single alternate, MEXC. Experts be aware that the $4.8 million valuation is solely theoretical, because the market is illiquid. “The precise realizable worth is probably going just a few thousand {dollars},” mentioned Professor Cho Jae-woo of Hansung University. Any try and liquidate such a big quantity would trigger the PRTG worth to crash immediately.

Government Apologizes and Responds

The NTS issued a proper apology on March 1, accepting full duty.

“This is unequivocally the fault of the National Tax Service,” the company mentioned. It blamed the breach on the careless provision of unique images containing delicate information to the media. The company pledged an exterior safety audit and stronger pre-release evaluate procedures.

The NTS has requested a police investigation, and the National Police Agency’s Cyber Terror Response unit has opened a preliminary inquiry. Police are monitoring which media retailers obtained high‑decision photos containing the mnemonic and who had entry to them.

In current months, the nation’s prosecutors temporarily lost control of 320 bitcoin, whereas one in every of its police stations found 22 lacking bitcoin from a vault. All three of Korea’s main investigative and enforcement our bodies have now confronted high‑profile failures in crypto custody.​ Analysts say regulation‑enforcement businesses should quickly enhance their technical competence and operational controls as criminals more and more launder proceeds by means of crypto.

The submit S.Korea’s Tax Agency Leaked Crypto Master Key — and Got Robbed Twice appeared first on BeInCrypto.