news

South Korea's National Tax Service Leaks Crypto Seed Phrase, $4.8M in Seized Tokens Drained Within Hours

Nidhi Saini
Published: February 28, 2026
5 min read
South Korea's National Tax Service Leaks Crypto Seed Phrase, $4.8M in Seized Tokens Drained Within Hours

STAY UPDATED WITH COTI

Follow COTI across social media platforms to get the latest news, updates and community discussions.

X IconFollow on XTelegram IconJoin Telegram
Facebook
Instagram
LinkedIn
YouTube

Summary:

  • National Tax Service accidentally exposed a crypto wallet seed phrase in an official press release.
  • Around 4 million PRTG tokens, worth roughly $4.8 million, were quickly transferred out of the wallet.
  • Onchain records show three inbound transfers followed by one full outbound transaction.
  • A blockchain researcher confirmed the loss, calling it a direct result of the leaked mnemonic.

A costly mistake by South Korea's tax authority has resulted in the loss of millions of dollars in seized cryptocurrency, after a wallet seed phrase was reportedly published in an official press release. According to multiple local media reports, including coverage on Naver, the National Tax Service (NTS) inadvertently revealed the full mnemonic phrase of a crypto wallet while announcing details of an enforcement campaign targeting tax delinquents. The error allegedly allowed unknown actors to access and drain tokens worth approximately $4.8 million. The incident is being described as one of the most serious custody lapses involving a government agency in the country's digital asset enforcement efforts.

How a Press Release Led to a Multimillion-Dollar Loss

The press release in question reportedly focused on the NTS's crackdown on individuals who had failed to pay taxes, outlining asset seizures that included cryptocurrency holdings. As part of the news, authorities shared images meant to demonstrate their enforcement process. However, one of those images allegedly showed a hardware wallet alongside a sheet of paper displaying the complete recovery phrase for the associated crypto address. The mnemonic - the sequence of words that acts as the master key to a wallet - was not blurred or masked.

Source

In cryptocurrency systems, a seed phrase provides full control over funds stored in a wallet. Anyone with access to that phrase can import the wallet on another device and transfer assets freely. Unlike traditional bank systems, blockchain transactions are irreversible once confirmed. Soon after the release was made public, blockchain observers identified suspicious activity connected to an Ethereum address tied to the leaked phrase. Onchain records indicate that the address briefly held 4 million PRTG tokens before the entire balance was moved out in a single transaction.

Data visible on Etherscan shows three incoming transfers totaling 4 million PRTG, followed by one outbound transfer sending exactly 4 million PRTG to another wallet. The pattern aligns with reports that the funds were drained shortly after the mnemonic became publicly accessible. PRTG, also known as Pre-Retogeum, was valued at approximately $4.8 million at the time of the transfer. Associate professor Jaewoo Cho of Hansung University's Blockchain Research Center analyzed the wallet movements and confirmed the loss. In a public statement on X, he wrote:

"We have confirmed that 4 million PRTG tokens, worth approximately $4.8 million, were stolen from the mnemonic that was leaked (disclosed) through a press release from the National Tax Service." Source

His assessment reinforced what many in the crypto community had already concluded - that the funds were accessed using the exposed recovery phrase.

A Blow to Digital Asset Custody Practices

The incident raises serious questions about how seized digital assets are handled and safeguarded by authorities. South Korea has been among the more proactive jurisdictions in enforcing tax and regulatory compliance within the crypto sector. The NTS has previously publicized enforcement actions involving asset freezes, exchange account seizures and the confiscation of digital holdings from individuals accused of tax evasion.

Yet the same transparency that is often used to signal enforcement strength appears to have backfired in this case. Cold wallets, such as hardware devices like Ledger units, are widely regarded as secure storage tools when used properly. Their security, however, depends entirely on keeping the seed phrase confidential. Publishing that phrase - even unintentionally - effectively eliminates any protective benefit the device offers. Unlike traditional financial systems where institutions can freeze or reverse unauthorized transfers, blockchain transactions operate on decentralized networks. Once tokens are transferred and confirmed, they cannot be clawed back without cooperation from the receiving party, which is rarely forthcoming in such cases.

Closing Thoughts 

The absence of such safeguards in this situation has led to a multimillion-dollar loss borne by state-controlled assets. It also underscores the unforgiving nature of blockchain custody. While the technology offers transparency and efficiency, it demands rigorous handling procedures. A single oversight can result in immediate and irreversible consequences. South Korea has worked to establish itself as a jurisdiction with structured oversight of digital assets. From exchange regulations to tax reporting requirements, authorities have sought to project control over a fast-moving sector. The case may lead to calls for stricter internal controls, improved training and clearer protocols for managing seized crypto assets.

As investigations continue, questions remain about who ultimately received the transferred tokens and whether any recovery efforts are underway. Given the pseudonymous nature of blockchain addresses, identifying the recipient may prove challenging unless additional evidence surfaces. For the National Tax Service, this incident marks a painful lesson in the importance of operational discipline in an era where financial enforcement increasingly intersects with decentralized technology.

READ MORE: Vitalik Buterin Highlights COTI's Garbled Circuits - Is COTI Leading Web3’s Next Privacy Breakthrough?

Related Topics

#South Korea#National Tax Service#Crypto Seed Phrase#Hack#Crypto Theft

About the Project

Crypto News

About the Author

Nidhi Saini

Nidhi Saini

Nidhi Saini is a writer and co-founder of CotiNews, with over four years of experience working in Web3 marketing. She brings a practitioner’s perspective to her writing, shaped by years spent understanding how blockchain products are positioned, communicated, and adopted. As a co-founder, she is also involved in shaping the platform’s editorial direction, ensuring the publication stays thoughtful, credible, and grounded.

View all articles

Disclaimer

The views and opinions expressed in this article are those of the authors and do not necessarily reflect the official stance of CotiNews or the COTI ecosystem. All content published on CotiNews is for informational and educational purposes only and should not be construed as financial, investment, legal, or technological advice. CotiNews is an independent publication and is not affiliated with coti.io, coti.foundation or its team. While we strive for accuracy, we do not guarantee the completeness or reliability of the information presented. Readers are strongly encouraged to do their own research (DYOR) before making any decisions based on the content provided. For corrections, feedback, or content takedown requests, please reach out to us at

contact@coti.news

Stay Ahead of the Chain

Subscribe to the CotiNews newsletter for weekly updates on COTI V2, ecosystem developments, builder insights, and deep dives into privacy tech and industry.
No spam. Just the alpha straight to your inbox.

We care about the protection of your data. Read our Privacy Policy.