Clueless cops post seized crypto wallet password. $5M quickly stolen.

South Korean police deeply apologized for preventable loss of seized funds.

Credit: Ivan Sherstiuk | iStock / Getty Images Plus

Soon after South Korean police posted a press release boasting about seizing $5.6 million worth of cryptocurrency from 124 wealthy tax evaders, cops realized that they had mistakenly posted images that made it possible for a thief to quickly steal most of the seized assets.

Eventually, the press release was removed, but not before it was grabbed by local media outlets and tech publications covering the theft.

Bleeping Computer shared a screenshot of the retracted images, which showed a handwritten note next to a Ledger device that’s used as a so-called “cold wallet” to store crypto out of reach of online threats. Clearly legible in the photo, the note contained a complete mnemonic recovery phrase that anyone can use as a master key to move assets off the cold wallet to a new wallet without any additional PIN or permissions required.

A blockchain analysis expert, Cho Jae-woo, told a South Korean news site that 4 million PRTG (Pre-Retogeum) tokens—worth approximately $4.8 million—were in the wallet when the thief struck. The Block reported that on-chain data from Etherscan indicated that “the party who moved the funds first deposited a small amount of ETH into the wallet to cover transaction fees, then transferred the 4 million PRTG tokens out in three transactions.”

On Sunday, officers with South Korea’s National Tax Service posted another press release, “deeply” apologizing for the leak compromising the seized assets.

In it, cops explained that they included the images to make the release more eye-catching, but they were careless in failing to redact the crypto wallet password from the images. They acknowledged there was no excuse for the error and confirmed they were launching an investigation with national police, attempting to trace the transfer and retrieve the lost funds.


Because the press release was widely circulated online, the thief could be anyone. South Korea’s National Tax Service has no clear suspects, Gizmodo suggested, and no easy way to claw back funds.

The officials’ best bet might be if the thief tries to move the stolen tokens through a regulated exchange, but The Block noted that the thief might struggle to convert that much cryptocurrency into cash under current market conditions. So seemingly, the thief, who likely wasn’t expecting the big payday anyway, may be motivated to lie low and avoid major exchanges.

Cho suggested that cops could have easily prevented the theft, likening posting any image of the mnemonic recovery phrase to leaving a wallet wide open. He noted that the original holder of the Ledger wallet was following best practices by only recording the phrase on a handwritten note and not storing the password online. Cops should have known to check the images for the recovery phrase, Cho said, and their mistake will likely cost the national treasury billions of won.

It’s possible that whoever took the cryptocurrency just seized on an opportunity after seeing the cops’ failure to redact the images while scrolling through the National Tax Service’s press releases at dawn. It’s also possible that bad actors are closely monitoring South Korean police cryptocurrency announcements, following what The Block reported was “a series of crypto custody lapses.”

In January, officials in Gwangju had to investigate after “a substantial quantity of seized bitcoin was lost,” The Block reported. That was believed to be linked to a phishing attack targeting Coinbase but perhaps signaled that police weren’t always adequately securing seized assets.

Even more disturbingly, last month, police in Seoul’s Gangnam district had to launch an internal investigation after 22 seized bitcoins went missing, The Block reported. That case also involved a cold wallet suddenly drained without the physical device leaving police control, possibly indicating that some sensitive information isn’t handled securely.

In the latest press release, the National Tax Service officer said they are strengthening internal controls and job training to prevent future leaks.
 