South Korea’s Gwangju District Prosecutors’ Office has lost a significant amount of Bitcoin that was seized during a criminal investigation, according to multiple local media reports on Jan. 22.
The case highlights a critical gap in how law enforcement agencies handle digital asset custody.
Sponsored
Sponsored
Phishing Attack Suspected
The prosecutors’ office recently discovered that Bitcoin held in custody had disappeared. The loss is believed to have occurred around mid-2025. Investigators suspect the office fell victim to a phishing attack after accidentally accessing a scam website during a routine inspection of seized assets.
The prosecutors have declined to confirm the exact amount lost. However, sources suggest the figure could reach tens of millions of dollars. One prosecution official told local media that internal estimates put the loss at approximately 70 billion won ($48 million).
“We are conducting an investigation to track the circumstances of the loss and the whereabouts of the assets,” a prosecution official said, declining to provide further details.
Questions Surrounding Crypto Custody Protocols
The incident raises fundamental questions about how law enforcement agencies handle seized cryptocurrency.
The first concern is whether the prosecutors followed proper seizure procedures. If prosecutors simply confiscated a USB device containing wallet information without transferring the Bitcoin to a separate custody wallet, the original owner could potentially withdraw the assets using a backup private key stored elsewhere. In such cases, the seizure would be incomplete from the start.
Sponsored
Sponsored
The wallet creation environment also matters. If a new custody wallet was created on an internet-connected computer, the private keys may have been exposed from the moment of generation. Standard security practice requires creating wallets in an air-gapped environment, completely isolated from any network connection.
Private key storage presents another vulnerability. Keeping keys on network-connected devices or cloud storage creates significant hacking risks. The proper approach involves recording keys on physical media, such as paper, and storing them in a location completely disconnected from the internet.
Access control is equally critical. Private keys can be copied in seconds if someone gains even brief access. The fact that officials reportedly accessed a scam website during a routine check suggests gaps in internal security training and access management protocols.
Broader Implications for Law Enforcement
This case highlights a growing challenge for authorities worldwide. As cryptocurrencies become increasingly involved in criminal cases, law enforcement agencies must develop robust custody solutions that meet the security standards for the assets they handle.
Traditional evidence storage protocols do not translate directly to digital assets. Unlike physical evidence locked in a secure room, cryptocurrency requires active security measures to prevent unauthorized transfers.
The Korean prosecutors’ office has not disclosed whether it followed established cryptocurrency custody guidelines or what security measures were in place. The ongoing investigation may reveal systemic vulnerabilities that extend beyond this single incident.
For now, the case serves as a cautionary example of what can go wrong when conventional institutions handle unconventional assets without adequate preparation.
Source: https://beincrypto.com/south-korean-prosecutors-lose-seized-bitcoin/