qerranews 
Millions in Seized Bitcoin Missing
South Korean prosecutors are investigating a major security breach after millions of dollars worth of seized Bitcoin went missing from government custody. The theft was discovered during a routine inspection of confiscated financial assets, raising serious concerns about how authorities safeguard digital assets.
According to reports, officials from the Gwangju District Prosecutors’ Office found that around 70 billion won (approximately $47.7 million) worth of Bitcoin had disappeared. The funds were previously seized in connection with a criminal investigation, but exact details surrounding the original seizure remain undisclosed due to the ongoing probe.
The incident highlights growing risks for government agencies that manage crypto assets without transparent custody frameworks or advanced security practices.
Phishing Attack Led to Breach
Local media outlet The Chosun Daily reported that the Bitcoin theft occurred after sensitive credentials were leaked externally. Investigators believe the breach was caused by a phishing attack, where an agency worker unknowingly accessed a malicious website designed to mimic legitimate services.
Phishing remains one of the most common and effective cyberattack methods in the crypto sector. Attackers typically impersonate trusted websites or send fake emails to trick users into revealing private keys, passwords, or authentication details. Once attackers gain access to wallets, stolen funds can be rapidly transferred and laundered through multiple blockchain addresses, making recovery difficult.
In this case, a compromised password may have provided attackers with direct access to the seized Bitcoin wallet, leading to the loss.
Prosecutors Launch Investigation
Authorities have confirmed that a formal investigation is underway to trace the stolen Bitcoin and determine how the breach occurred. A prosecution official told Yonhap News that investigators are working to identify the circumstances and track the whereabouts of the seized crypto assets.
Officials declined to provide additional details about when the Bitcoin was seized or the exact amount lost, citing the sensitivity of the ongoing investigation. Transparency is limited, but the case is already drawing widespread attention due to the scale of the loss and the implications for government crypto custody practices.
Crypto Phishing Losses Declined in 2025
Interestingly, the incident comes amid a broader decline in phishing-related crypto losses. Blockchain security platform Scam Sniffer recently reported that crypto losses tied to phishing attacks fell by more than 80% in 2025, dropping to $83.85 million. The number of victims also decreased by nearly 70% to around 106,000.
Despite the decline, phishing remains a persistent threat, especially for institutional holders of crypto assets. Governments and law enforcement agencies are increasingly becoming attractive targets due to the large amounts of seized cryptocurrency they manage.
This South Korea case demonstrates that even state institutions are vulnerable to social engineering attacks, underscoring the importance of strong cybersecurity protocols.
Law Enforcement Holding Massive Crypto
As global crypto adoption grows, law enforcement agencies worldwide are seizing and holding billions of dollars in digital assets. However, many agencies do not publicly disclose their custody methods, leading to questions about security standards and transparency.
For example, Coinbase announced last year that it helped the US Secret Service seize $225 million in crypto linked to scams, marking the agency’s largest crypto seizure. Similarly, UK authorities debated whether to retain $6.4 billion in seized Bitcoin instead of compensating fraud victims, after confiscating the funds from a massive scam operation targeting over 128,000 investors in China.
These cases illustrate how governments are becoming major custodians of crypto assets, sometimes holding amounts comparable to large institutional investors.
Security Risks in Government Crypto Custody
The South Korean phishing incident raises critical questions about how governments manage seized cryptocurrency. Unlike traditional assets stored in banks or vaults, crypto requires secure key management, multi-signature wallets, hardware storage, and strict access controls.
If custody frameworks are poorly designed or reliant on human processes without robust safeguards, the risk of phishing, insider threats, or technical errors increases significantly. Unlike cash or physical assets, stolen crypto can be transferred globally within minutes, often without the possibility of reversal.
Experts argue that governments should adopt institutional-grade custody solutions similar to those used by major crypto exchanges and custodians. These solutions include cold storage, multi-party computation (MPC), hardware security modules, and strict operational procedures to prevent single points of failure.
Implications for Crypto Regulation
This incident may influence how regulators approach crypto custody rules, particularly for government agencies and financial institutions. As governments continue to seize and manage digital assets, regulators may push for standardized custody frameworks, audits, and transparency requirements.
The breach could also impact public trust in government crypto management. If authorities cannot secure seized assets, critics may question whether governments are prepared to regulate and oversee the crypto industry effectively.
At the same time, the case highlights the need for cybersecurity training among government employees. Phishing attacks often exploit human error, making education and awareness a critical defense layer.
A Wake-Up Call for Authorities
South Korea’s Bitcoin phishing heist serves as a stark reminder that cybersecurity risks extend beyond private companies and individual investors. Government agencies are increasingly becoming major crypto custodians, and with that role comes heightened responsibility and exposure to sophisticated cyber threats.
As crypto adoption continues to expand, authorities worldwide must strengthen custody practices, implement institutional-grade security measures, and increase transparency around seized digital assets. Failure to do so could result in further high-profile losses and undermine confidence in the ability of governments to manage the digital economy.