South Korea’s National Tax Service has attracted attention due to recent security vulnerabilities. After the key to a digital asset wallet seized by the institution was leaked to the press, crypto assets with a total value of 4 million PRTG tokens were stolen twice in a row. The incident in question brought the debates about the competence of public institutions in the management of digital assets to the agenda again.
Consecutive Loss of PRTG Tokens
The events were revealed in a press conference that started on February 26. The National Tax Service shared photos of a cold wallet it was holding in its hand to show seizure operations against high-amount tax debtors. However, these images also included the 24-word main recovery code that provides access to the cryptocurrencies in the wallet.
According to blockchain analysis and police reports, a person who obtained this sensitive information in a short time transferred all PRTG tokens in the relevant wallet to his own account on February 27. This person claimed that he was an ordinary investor and the next day, he contacted the press and the police and stated that he bought the tokens in question easily.
The person who handed over his account announced that he sent all 4 million PRTG tokens he obtained back to the Tax Service’s wallet. However, within just two hours after the refund, another person transferred the tokens to another account using the same vulnerability.
Systemic Security Weakness
Experts in the field of security criticized the Tax Service for holding returned assets without moving them to a new secure wallet. The leak of the same key allowed a second cyber attacker to access the wallet. While the Tax Service stated that it could not provide details about the incident, it underlined that there was no additional administrative error during the second transfer.
The stolen PRTG tokens are traded only on one platform, MEXC. Professor Cho Jae-woo from Hansung University stated that the market value of the relevant tokens is theoretical, and in practice, if a sale of this size is made, the price of the asset will drop rapidly.
Official Apology and Investigation from the Institution
The National Tax Service accepted full responsibility in a statement published on March 1. The institution emphasized that it was its own fault that the confiscated photographs were shared without being examined. He also announced that an external, independent security audit will be carried out and preliminary audit processes will be strengthened.
“This incident is entirely the fault of the National Tax Service.”
The institution requested a police investigation and the Anti-Cyber Terrorism unit launched a preliminary investigation into the matter. Police are investigating which media outlets accessed the high-resolution photos and who had access to these keys.
On the other hand, in recent months, the prosecutor’s office in the country lost 320 bitcoins that were temporarily confiscated, and a police station lost 22 bitcoins stored in a safe. Thus, it was noted that South Korea’s main investigation and enforcement agencies repeatedly experienced problems in crypto asset custody processes. Analysts evaluate that institutions should quickly strengthen their technical and operational capacities against the increasing use of crypto assets in tracking criminal proceeds.
