South Korean authorities lost over $4.8 million in cryptocurrency after publishing sensitive data online, as the country’s tax service was eager to boast about its achievements in the fight against tax evasion.
South Korean authorities lost over $4.8 million in cryptocurrency after publishing sensitive data online, as the country’s tax service was eager to boast about its achievements in the fight against tax evasion.
Tom’s Hardware reports that South Korean tax authorities have published a photo of a hardware wallet that held private keys controlling over 4 million Pre-Retogeum (PRTG) tokens, along with a handwritten note containing a mnemonic phrase to recover the wallet.
The images in question were included in a press release sent out by the agency itself to advertise its own commitment to fighting offenders.
«Hardware wallets don’t store cryptocurrency — instead, they store private keys that control blockchain addresses, ensuring that only someone who knows the PIN can access the token. But if you lose your hardware wallet and don’t have a backup of those keys, you could potentially lose permanent access to the blockchain address that holds your tokens. Because of this, many of these devices generate a mnemonic passphrase during setup that allows you to recreate all of your private keys and addresses, even without a physical wallet,» the publication explains.
Journalists conclude that the investigators probably had no idea about the meaning of the mnemonic phrase for recovery, as they allowed it to be published without crossing out the information written on the piece of paper.
«It’s like posting your credit card number, expiration date, and security code online before multi-factor authentication, or sharing your social security number on Reddit,» Tom’s Hardware comments.
Thanks to this mistake, the first person to understand the situation and take advantage of it was able to transfer 4 million PRTG to another wallet (probably his own) without any problems.
«According to blockchain analysis, the thief first deposited some Ethereum (ETH) to pay transaction fees, and then withdrew a huge amount in four transactions,» the journalists state.
This is not the first major blunder involving cryptocurrency and South Korean authorities. Just last month, the country’s National Police Agency discovered that 22 bitcoins (BTC) worth more than $1.5 million had disappeared over several years after investigators failed to transfer the seized BTC to their own wallets.
«Authorities believed the amount was safe because they physically stored the hardware wallet, but the original owner of the device apparently gave its mnemonic phrase to the hacker after he needed the money, leading to the loss of the cryptocurrency,» the report says.
Meanwhile, we previously wrote about how hackers from North Korea are attacking European drone manufacturers under the guise of employment.
dev.ua also investigated how North Korean hackers invisibly fund their country’s military programs by stealing crypto.
Вивчення втрати 4.45 BTC потребує уважного аналізу того, як саме було втрачено кошти. Якщо ви підозрюєте шахрайство, рекомендується повідомити про це відповідні органи, зокрема місцеву поліцію або підрозділ з протидії шахрайству. Консультація з досвідченим фінансовим радником або юристом допоможе оцінити наявність можливих варіантів повернення коштів, таких як страхове відшкодування або судовий позов. Водночас зараз ідеальний момент, щоб переглянути свої фінансові звички та внести зміни, які можуть знизити ймовірність майбутніх втрат. Для отримання додаткових рекомендацій і порад, будь ласка, зверніться до детального посібника FundsRetriever AT Proton DoT me, TG: AT FundsRetriever, WhatsApp:+10635121448.