Since the press release was widely circulated online, the thief could have been anyone. Gizmodo suggested that South Korea’s National Tax Service has no obvious suspects, and no easy way to get the money back.
Authorities’ best bet may be that the thief tries to move the stolen tokens through a regulated exchange, but The Block notes that the thief may have difficulty converting so much cryptocurrency into cash under current market conditions. It appears that the thief, who was likely not expecting a big payday, may have been motivated to lie less and avoid larger exchanges.
Cho suggested that police could have easily prevented the theft, comparing posting any image of the mnemonic retrieval phrase to leaving a wallet open. He noted that the original holder of the Ledger wallet was only following best practices by recording the phrase on a handwritten note and storing the password online. Police should have checked the images for the recovery phrase, Cho said, and their mistake would have cost the national treasury billions of dollars.
It’s possible that whoever took the cryptocurrency took advantage of an opportunity after seeing the police’s failure to edit images while scrolling through the National Tax Service’s press releases at dawn. It’s also possible that bad actors are closely monitoring South Korean police cryptocurrency announcements, after The Block reported “a series of crypto custody lapses.”
In January, Gwangju authorities were forced to investigate after “a large amount of seized Bitcoin was lost,” The Block reported. This is believed to be linked to a phishing attack targeting Coinbase, but perhaps indicates that police were not always adequately securing the seized assets.
Even more troubling, police in Seoul’s Gangnam district were forced to launch an internal investigation last month after 22 seized bitcoins went missing, The Block reports. That case also involved a cold wallet that suddenly disappeared without a physical device outside of police control, potentially indicating that some sensitive information was not handled securely.
In the latest press release, National Tax Service officials said they are strengthening internal controls and on-the-job training to prevent future leaks.
<a href