Authorities in South Korea are investigating a major seized bitcoin theft after discovering tens of millions of dollars in crypto missing from official custody.
Gwangju prosecutors uncover missing Bitcoin during routine check
Officials at the Gwangju District Prosecutors’ Office in South Korea recently found that approximately 70 billion won, equal to $47.7 million worth of Bitcoin (BTC), had disappeared. The discovery came during a routine inspection of seized financial assets, according to multiple local media reports.
The bitcoin formed part of assets confiscated in a criminal case and was being held under state control. However, prosecutors only realized the funds were gone when they conducted a standard review and saw that the cryptocurrency was no longer in their custody.
According to local outlet The Chosun Daily, the missing funds were linked to a serious security breach. Moreover, an official from the prosecutors’ office confirmed that the loss stemmed from a crypto phishing attack that exposed access credentials.
Phishing website triggered the breach
The incident started when an agency worker accessed a fraudulent website that mimicked a legitimate service. This phishing page was specifically designed to trick users into entering sensitive details, including passwords or private key information tied to seized wallets.
Once the password was leaked externally, the attackers were reportedly able to move the seized Bitcoin out of official wallets. However, authorities have not yet disclosed the destination of the funds or which addresses received the stolen assets.
Phishing attacks of this kind are widespread across the cryptocurrency sector. Scammers regularly create fake websites or send convincing emails that appear authentic. That said, the scale of this government-linked compromise stands out, given it involved law enforcement-held funds.
Investigation by Gwangju prosecutors office
The Gwangju District Prosecutors’ Office has launched a formal investigation into how the bitcoin stolen korea incident unfolded. Officials have declined to reveal exactly when the cryptocurrency was seized or the precise amount that was originally under their control, citing an ongoing probe.
“We are conducting an investigation to track the circumstances and whereabouts of the seized items,” a prosecution official told Yonhap News. The spokesperson added that they cannot confirm further details while the investigation remains underway.
The case exposes potential weaknesses in seized crypto security at law enforcement agencies. Moreover, it raises questions about whether robust cold storage, multi-signature arrangements, or independent audits were in place to protect the digital assets.
Concerns over how seized cryptocurrency is stored
As global crypto adoption accelerates, law enforcement agencies worldwide are holding larger sums of confiscated tokens, including Bitcoin and other major assets. However, their custody frameworks are seldom fully disclosed, making it difficult for the public or experts to assess the underlying safeguards.
This lack of transparency may leave room for operational oversights, insider threats, or external attacks. In the South Korean case, the successful theft of government-held funds via a simple phishing link suggests that basic cyber hygiene and training might have been insufficient.
That said, many agencies now collaborate with specialized custodians or blockchain analytics firms to strengthen controls. The outcome of the Gwangju investigation could influence how other jurisdictions refine their procedures for managing digital evidence.
Phishing related losses and fraud trends in 2025
Despite the size of this theft, broader data indicates that phishing related losses in crypto have declined sharply. On-chain security platform Scam Sniffer reported that total losses from phishing attacks fell more than 80% in 2025.
According to the firm, aggregate losses dropped to $83.85 million in 2025, down from significantly higher levels in previous years. Moreover, the number of identified victims nearly halved, with the count falling by almost 70% to 106,000 people.
However, phishing is only one part of the broader digital crime landscape. Blockchain intelligence company Chainalysis estimates that various chainalysis crypto fraud schemes collectively drained around $17 billion from cryptocurrency users in 2025 alone.
Rise of AI-powered scams
The latest Chainalysis research highlights a sharp escalation in impersonation schemes and ai powered scams targeting crypto users. In 2025, impersonation scams surged by 1,400% year-over-year, underscoring the rapid industrialization of this criminal niche.
Criminal groups are increasingly deploying artificial intelligence tools to boost the sophistication and success rate of their operations. AI-enhanced attacks were found to be 4.5 times more effective than traditional techniques, making them far more lucrative for fraudsters.
These campaigns often leverage phishing-as-a-service kits, deepfake audio or video, and automated social engineering scripts. Moreover, they are frequently backed by professional money-laundering structures that move illicit proceeds through complex cross-chain and cross-border channels.
Implications for government-held digital assets
The seized bitcoin theft in South Korea underlines that even government entities are vulnerable when they manage large digital holdings without airtight security. If a single compromised password can unlock tens of millions of dollars, basic practices such as hardware wallets, segregated duties, and continuous staff training may need urgent reinforcement.
Going forward, regulators and law enforcement agencies are likely to face growing pressure to standardize best practices for storing confiscated cryptocurrency. However, designing resilient frameworks that keep up with evolving attack methods, including AI-driven scams, remains a significant challenge.
The ongoing probe at the Gwangju District Prosecutors’ Office will aim to trace the stolen funds and identify who orchestrated the breach. Its findings could shape future policy on digital asset management, both within South Korea and in other jurisdictions grappling with similar risks.
In summary, the phishing-enabled theft of $47.7 million in seized Bitcoin from South Korean prosecutors highlights mounting security pressures on public institutions, even as some crypto-related phishing metrics improved in 2025.
Source: https://en.cryptonomist.ch/2026/01/23/seized-bitcoin-theft-south-korea/