
The Korea National Tax Service (NTS) announced on February 26th that it had seized digital assets. A photo clearly shows a Ledger hardware wallet next to a 12-word recovery seed phrase, which was immediately exploited by unknown individuals. They transferred 4 million Pre-Retogeum (PRTG) tokens, valued at approximately $4.8 million USD, out of the wallet. The tokens have since been returned to the original wallet. This incident highlights serious operational security flaws in government agencies’ management of digital assets.

The Korean NTS announced they seized about 8.1 billion KRW (around $5.6 million USD) in crypto assets from a tax evader and published photos of the seized items in their press release. The problem lies in one photo labeled “Case 3” — it clearly shows a Ledger hardware wallet and a handwritten note beside it, listing the full 12-word recovery seed phrase.
A local professor directly compared this mistake to “an open invitation for others to empty your wallet.” Once the seed phrase is leaked, anyone can restore the wallet on any device and fully control the assets — the physical security of the hardware wallet is instantly nullified.
On-chain data shows that shortly after the photo was published, an unknown person sent a small amount of ETH to the wallet to pay gas fees, then transferred 4 million PRTG tokens to a new address. This amount accounts for about 40% of the total PRTG supply.
Although the tokens were later sent back to the original wallet, the incident sparked widespread discussion. It remains unclear whether this was a white-hat hacker revealing a vulnerability in good faith or an attacker realizing that PRTG’s market liquidity was extremely low and difficult to cash out, leading to the return.
There is a significant gap between the nominal value of PRTG tokens and their actual market liquidity: the only active trading pair has very low volume, and even small sell orders can drastically lower the price. Large-scale cashing out is nearly impossible. This means the $4.8 million USD nominal loss does not equate to an equivalent amount of actual liquidatable assets.
A seed phrase (Mnemonic Phrase) is a recovery phrase composed of 12 to 24 English words that can restore a crypto wallet. Anyone holding this phrase can fully recover and control the wallet on any device. Physical security measures of hardware wallets like Ledger cannot prevent seed phrase leaks — once exposed, all security protections are effectively nullified.
Nominally, yes — about $4.8 million USD. However, due to extremely low liquidity in the PRTG market, the actual cash that could be realized is much lower than the nominal value. On-chain data shows the tokens were ultimately returned to the original wallet, so no permanent financial loss occurred. Nonetheless, the security breach and operational oversight are undeniably serious.
This incident highlights systemic risks when government agencies handle digital assets without proper technical safeguards. Key lessons include: all sensitive information (including seed phrases and private keys) must be strictly concealed when displaying seized assets; agencies should establish professional digital asset custody procedures rather than relying on traditional physical confiscation standards.
Related Articles
Vitalik Ethereum Scalability Plan Revealed: Preventing Large Operators from Monopolizing Nodes
Vitalik Announces Ethereum Expansion Blueprint: Glamsterdam Changes Gas Mechanism, ZK-EVM Allows Nodes to Verify Without Re-Execution
Yesterday, Ethereum spot ETF experienced a net outflow of $43.6 million.
Vitalik Buterin Accelerates $ETH Sell-Off Again — What’s Behind the Move?
Ethereum Foundation Launches Project Odin to Diversify Funding for Infrastructure and Public Goods Teams