Clueless Cops Post Seized Crypto Wallet Password. $5M Quickly Stolen.
upstart writes:
Clueless cops post seized crypto wallet password. $5M quickly stolen.:
Soon after South Korean police posted a press release boasting about seizing $5.6 million worth of cryptocurrency from 124 wealthy tax evaders, cops realized that they had mistakenly posted images that made it possible for a thief to quickly steal most of the seized assets.
Eventually, the press release was removed, but not before it was grabbed by local media outlets and tech publications covering the theft.
Bleeping Computer shared a screenshot of the retracted images, which showed a handwritten note next to a Ledger device that's used as a so-called "cold wallet" to store crypto out of reach of online threats. Clearly legible in the photo, the note contained a complete mnemonic recovery phrase that anyone can use as a master key to move assets off the cold wallet to a new wallet without any additional PIN or permissions required.
A blockchain analysis expert, Cho Jae-woo, told a South Korean news site [website in Korean --Ed] that 4 million PRTG (Pre-Retogeum) tokens-worth approximately $4.8 million-were in the wallet when the thief struck. The Block reported that on-chaindata from Etherscan indicated that "the party who moved the funds first deposited a small amount of ETH into the wallet to cover transaction fees, then transferred the 4 million PRTG tokens out in three transactions."
On Sunday, officers with South Korea's National Tax Service posted [website in Korean --Ed] another press release, "deeply" apologizing for the leak compromising the seized assets.
In it, cops explained that they included the images to make the release more eye-catching, but they were careless in failing to redact the crypto wallet password from the images. They acknowledged there was no excuse for the error and confirmed they were launching an investigation with national police, attempting to trace the transfer and retrieve the lost funds.
Because the press release was widely circulated online, the thief could be anyone. South Korea's National Tax Service has no clear suspects, Gizmodo suggested, and no easy way to claw back funds.
The officials' best bet might be if the thief tries to move the stolen tokens through a regulated exchange, but The Block noted that the thief might struggle to convert that much cryptocurrency into cash under current market conditions. So seemingly, the thief, who likely wasn't expecting the big payday anyway, may be motivated to lie low and avoid major exchanges.
Cho suggested that cops could have easily prevented the theft, likening posting any image of the mnemonic recovery phrase to leaving a wallet wide open. He noted that the original holder of the Ledger wallet was following best practices by only recording the phrase on a handwritten note and not storing the password online. Cops should have known to check the images for the recovery phrase, Cho said, and their mistake will likely cost the national treasury billions of won.
It's possible that whoever took the cryptocurrency just seized on an opportunity after seeing the cops' failure to redact the images while scrolling through the National Tax Service's press releases at dawn. It's also possible that bad actors are closely monitoring South Korean police cryptocurrency announcements, following what The Block reported was "a series of crypto custody lapses."
doh!
Read more of this story at SoylentNews.