South Korea has been hit with another major cryptocurrency asset management scandal. The National Tax Service (NTS) inadvertently disclosed the 12-word seed phrase of a seized cryptocurrency wallet in an official press release , leading to the theft of digital assets worth approximately $4.8 million (about 6.4 billion won) within hours. As police investigate, this incident, where "a single photograph caused millions in losses," is becoming the latest and most representative cybersecurity warning case in South Korea's history of digital asset regulation.
High-resolution photos without masked seed phrase become entry points for hackers.
The incident stemmed from a routine press release issued by the IRS. The announcement was intended to explain the results of an investigation into a high-tax debtor and included photos of seized items, including multiple Ledger hardware wallets used to store digital assets.
However, the problem lies in one of the high-resolution images. In the photo, a handwritten note clearly displays the complete 12-word seed phrase, placed next to a hardware wallet. Even more shockingly, this crucial information is displayed publicly without being obscured or blurred.
In the blockchain world, a seed phrase is equivalent to a wallet's "master key." Anyone who knows these 12 words can restore the wallet and gain complete control over its assets. This basic mistake is tantamount to handing over millions of dollars.
4 million PRTG tokens were transferred out, worth approximately $4.8 million.
Within hours of the press release going live, an unknown individual successfully restored the wallet using the seed phrase and quickly transferred out approximately 4 million Pre-Retogeum (PRTG) tokens.
PRTG is an Ethereum-based token asset, with a total value of approximately $4.8 million (about 6.4 billion Korean won) at the time of the incident. On-chain data shows that the funds were transferred to an unknown Ethereum address, and the entire process took only a few minutes.
Even more dramatically, the sender had specifically deposited a small amount of ETH into the wallet before the transaction to cover gas fees. This demonstrates the sender's familiarity with blockchain operations, and the overall action appeared calm and planned.
Jaewoo Cho, an associate professor at the Blockchain Research Center at Seoul National University, confirmed the theft on social media immediately. He pointed out that the leak of the seed phrase is "equivalent to relinquishing control of the wallet," which is a serious security management failure.
Tokens suspected of being returned after 20 hours? Low liquidity is a key factor.
It is worth noting that reports indicate the stolen PRTG tokens were partially or fully returned to their original address approximately 20 hours later. However, the reason for this has not yet been officially explained.
Market analysts speculate that PRTG itself has extremely low liquidity, with daily trading volume as low as $299. Given such thin market depth, a large sell-off could immediately trigger a price crash and quickly expose the flow of funds. Therefore, the suspect may have chosen to return the assets due to difficulties in liquidating them or concerns about being tracked.
The IRS has only stated that it is "confirming the situation" and has not provided further details on whether the assets have been fully recovered or whether internal negligence was involved.
Police have intervened in the investigation, marking the third major cryptocurrency asset mishap in three months.
The South Korean National Police Agency has officially launched an investigation and assigned its cyberterrorism response unit to the case, while also clarifying whether there were any internal management deficiencies.
In fact, this is the third incident involving the custody of crypto assets by government agencies in the past three months.
In January 2026, Gwangju prosecutors sparked controversy over the loss of approximately $48 million worth of Bitcoin seized in connection with a fraud case; earlier in February, Seoul's Gangnam Police Station also reported that 22 BTC (approximately $1.4 million) seized in 2022 went missing due to improper safekeeping by a third party.
The series of management loopholes has led to questions about the professionalism of South Korean public authorities in the safekeeping and handling of encrypted assets.
With increasingly stringent regulations, has the government itself become the biggest risk?
As one of the most active countries in the world in terms of per capita cryptocurrency trading, South Korea has been continuously strengthening its regulatory measures against exchanges, influencer marketing, and market manipulation in recent years. However, after Bitcoin's sharp decline since the end of 2025, retail investors have gradually shifted their funds to domestic stock markets such as AI and semiconductors.
Amid increasingly stringent regulations, this incident reveals another layer of risk—operational errors by the government itself.
Several blockchain researchers and opposition lawmakers criticized the incident, saying it could have been completely avoided through basic cybersecurity procedures, such as mandatory data masking, establishing standardized document review processes, and providing digital asset security training for law enforcement personnel.
An unblurred photograph became the price of millions of dollars.
The investigation is ongoing, and law enforcement agencies are using blockchain analytics to track fund flows and identify potential suspects. The IRS has not yet released further details.
This incident serves as a stark reminder to the market that while the technology itself may be secure in the decentralized finance world, human error is often the biggest vulnerability. For government agencies overseeing the seizure of massive amounts of assets, this lesson, costing a staggering $4.8 million, will undoubtedly be a crucial turning point for future institutional reforms.
In the world of blockchain, a single mistake, perhaps requiring only a photograph, can wipe out your assets instantly.
This article, titled "South Korean Tax Service Accidentally Exposes Wallet Seed Phrase, $4.8 Million in Crypto Assets Stolen Instantly," first appeared on ABMedia, a ABMedia .
