According to The Block, the Gangnam Police Department in Seoul, South Korea, confirmed that 22 bitcoins, worth over $1.4 million (approximately 2.1 billion won), were voluntarily handed over by the suspect during a case investigation in 2021.
The most puzzling part is that the USB cold wallet device used to store the private key is still in the hands of the Gangnam Police Department , but the Bitcoin inside is gone. This means that someone obtained the private key at some point and completed the on-chain transfer, and it is unknown whether this "someone" is an outsider.
The Gyeonggi Northern Provincial Police Agency has launched a formal internal investigation, examining internal access records, wallet key management procedures, and any evidence of insider involvement. Police have not yet released information regarding the flow of funds or potential suspects.
Previously, the Gwangju prosecutor's office was targeted in a sting operation involving $47.7 million.
This is not the first time that South Korean law enforcement agencies have "lost" seized crypto assets.
Previously, a larger-scale Bitcoin theft occurred at the Gwangju District Prosecutors' Office in South Korea, where approximately 70 billion won (about US$47.7 million) of seized Bitcoin was stolen in mid-2025 and was not discovered until a routine review.
The official explanation is a "phishing attack." Staff members, while inspecting seized crypto assets, mistakenly visited a phishing website , leading to the leakage of private key credentials and the irreversible transfer of Bitcoin. Even more shockingly, the office had stored Bitcoin-related passwords directly on a USB flash drive , indicating a failure to implement cybersecurity protocols.
Is it a hacker or "one of our own"?
In total, these two incidents resulted in South Korean law enforcement agencies losing nearly $50 million in seized crypto assets in less than six months. Both incidents share suspicious commonalities:
- The cold wallet is installed, but the coins are not. The original design purpose of a cold wallet is for offline storage, and theoretically, external hackers cannot remotely access it.
- Private key management is extremely lax. Passwords are stored on USB drives, and cold wallets are kept in the office, making them vulnerable to exploitation by anyone with access.
- The incidents were all discovered "much later." The Gangnam Police Station had been storing currency since 2021, and the Gwangju case only came to light during a routine investigation.
- The flow of funds is unclear. No on-chain tracking results have been released to date.
These signs have led outsiders to question whether this was the result of an external attack or an inside job.
Trust crisis in South Korean crypto regulation
Ironically, South Korea has long been one of the world's most stringent regulators of cryptocurrencies, having just passed the first phase of the Digital Assets Basic Law last year, requiring exchanges and custodians to adhere to strict asset custody standards. Yet now, even the police and prosecutors' offices, responsible for law enforcement, are unable to safeguard their own Bitcoin holdings.
