South Korea NTS mnemonic leak led to $4.8M PRTG theft
According to FinanceFeeds, news/south-korea-unites-forces-combat-crypto/”>south korea’s National Tax Service (NTS) accidentally revealed a crypto wallet seed phrase in an official press release in February 2026, triggering unauthorized transfers of roughly 4 million PRTG tokens valued near $4.8 million. The phrase appeared in a publicly distributed image, enabling an immediate wallet takeover and rapid outflows. The case centers on the PRTG token and a single compromised wallet.
This was a disclosure-control failure with direct financial consequences and a clear root cause: exposure of a recovery phrase. It underscores how sensitive key material must never transit public channels, even inadvertently. Once published, remediation windows narrow to seconds, not hours.
Why a leaked mnemonic grants full wallet control
A wallet mnemonic (seed phrase) is a human-readable representation of the entropy used to deterministically derive private keys. Anyone who obtains it can reconstruct the wallet, sign transactions, and move assets without further authentication. In practice, the mnemonic is the master secret.
In standard single-signature setups, a holder of the mnemonic can authorize transfers indistinguishably from the legitimate custodian. Public blockchains are permissionless and do not distinguish rightful control, nor do they support reversal of validly signed transfers. The only effective response is to sweep assets to a new wallet generated from uncompromised secret material.
Immediate impact: ~4M PRTG stolen; broader risk appears limited
The immediate loss totals roughly 4 million PRTG, about $4.8 million. Although other recovery phrases were also exposed, the broader risk currently appears limited based on available expert assessments.
An academic who reviewed the incident said the theft stemmed from the leaked phrase, while collateral exposure is unlikely to trigger further major losses. “We have confirmed that 4 million PRTG tokens, worth approximately $4.8 million, were stolen from the mnemonic that was leaked … [other exposed mnemonics] do not seem likely to cause any major issues … a blessing in disguise,” said Jaewoo Cho, Associate Professor at Hansung University.
At the time of this writing, shares of Coinbase Global, Inc. closed around $183.94, within a $169.75–$185.82 intraday range, based on NasdaqGS data. This provides neutral, contextual market background around the timing of the incident.
Custody failures and fixes for public sector crypto
What went wrong: disclosure lapses and insecure key handling
As reported by Bitget News, the mnemonic appeared in NTS news materials, a lapse tantamount to publicly disclosing a wallet key. Local scholars criticized the handling as evidence of weak digital-asset security literacy in official processes.
Operationally, such exposure suggests inadequate pre-publication redaction controls and insufficient segregation of duties over key material. It also indicates missing checklists for media handling of sensitive artifacts.
Mitigations: multisig, HSMs, air-gapped signing, rotation, redaction
Multisignature policies reduce single-point compromise; two-of-three or three-of-five schemes ensure one leaked mnemonic cannot spend alone. Institutional-grade hardware security modules can hold keys in tamper-resistant hardware with role-based access and audit trails.
Air-gapped signing tools prevent keys from touching internet-connected systems. Enforced key-rotation playbooks, including immediate sweeps on exposure, limit attacker dwell time and reduce loss magnitude.
Public-sector disclosure hygiene matters: redact or crop images, forbid embedding secrets in screenshots, and require dual approval before releasing media. Maintain incident logs and postmortems to strengthen controls over time.
FAQ about South Korea National Tax Service (NTS)
How many PRTG tokens were stolen and what is the estimated USD loss?
About 4 million PRTG were stolen, estimated at approximately $4.8 million.
Are other wallets at risk from the exposed mnemonics, and has any further theft occurred?
Other exposed mnemonics appear unlikely to cause major issues, and no further related theft has been reported.
| DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing. |
Other Posts
- Amplify 2024: Ohio’s Premier Blockchain Summit
- Polymarket Announces U.S. Beta Relaunch Amid Market Buzz
- China, US Conclude Trade Talks with Focus on Cooperation
- Michael Saylor Denies Bitcoin Sell-Off Amid Large BTC Transfer
- Court Upholds Fed’s Rejection of Custodia Bank’s Request
- EU Opens Antitrust Probe Into Deutsche Boerse and Nasdaq Derivatives Dealings
- Kazakhstan Explores Crypto Reserves Backed by National Funds
- Nordea Bank Introduces Bitcoin ETP Trading for Nordic Customers
- JPMorgan Increases Holdings in BlackRock’s Bitcoin ETF
- Crypto Leaders Address Macro Volatility Amid Market Shifts
- JPMorgan Chase Launches 24/7 Digital Deposit Token for Clients
- U.S. Treasury Proposes New Tax Relief Regulations
- Radiant Capital Faces $50M Loss in Major Security Breach
- SEGG Media Unveils $300 Million Crypto Reserve Plan
- 21Shares Files S-1 With SEC to Launch Hyperliquid ($HYPE) ETF
- Hong Kong Sentences Influencer for Unlicensed Investment Advice
- Franklin Templeton Signals TradFi and Crypto Integration
- Former CFO Convicted for $35M Fraudulent Crypto Investment
- XRP Spot ETF Launches on Nasdaq Amid Market Fluctuations
- MicroStrategy Retains Spot in Nasdaq 100 Amid Criticism
- Amplify 2024: Ohio’s Premier Blockchain Summit
- Polymarket Announces U.S. Beta Relaunch Amid Market Buzz
- China, US Conclude Trade Talks with Focus on Cooperation
- Michael Saylor Denies Bitcoin Sell-Off Amid Large BTC Transfer
- Court Upholds Fed’s Rejection of Custodia Bank’s Request
- EU Opens Antitrust Probe Into Deutsche Boerse and Nasdaq Derivatives Dealings
- Kazakhstan Explores Crypto Reserves Backed by National Funds
- Nordea Bank Introduces Bitcoin ETP Trading for Nordic Customers
- JPMorgan Increases Holdings in BlackRock’s Bitcoin ETF
- Crypto Leaders Address Macro Volatility Amid Market Shifts
- JPMorgan Chase Launches 24/7 Digital Deposit Token for Clients
- U.S. Treasury Proposes New Tax Relief Regulations
- Radiant Capital Faces $50M Loss in Major Security Breach
- SEGG Media Unveils $300 Million Crypto Reserve Plan
- 21Shares Files S-1 With SEC to Launch Hyperliquid ($HYPE) ETF
- Hong Kong Sentences Influencer for Unlicensed Investment Advice
- Franklin Templeton Signals TradFi and Crypto Integration
- Former CFO Convicted for $35M Fraudulent Crypto Investment
- XRP Spot ETF Launches on Nasdaq Amid Market Fluctuations
- MicroStrategy Retains Spot in Nasdaq 100 Amid Criticism
- Amplify 2024: Ohio’s Premier Blockchain Summit
- Polymarket Announces U.S. Beta Relaunch Amid Market Buzz
- China, US Conclude Trade Talks with Focus on Cooperation
- Michael Saylor Denies Bitcoin Sell-Off Amid Large BTC Transfer
- Court Upholds Fed’s Rejection of Custodia Bank’s Request
- EU Opens Antitrust Probe Into Deutsche Boerse and Nasdaq Derivatives Dealings
- Kazakhstan Explores Crypto Reserves Backed by National Funds
- Nordea Bank Introduces Bitcoin ETP Trading for Nordic Customers
- JPMorgan Increases Holdings in BlackRock’s Bitcoin ETF
- Crypto Leaders Address Macro Volatility Amid Market Shifts
- JPMorgan Chase Launches 24/7 Digital Deposit Token for Clients
- U.S. Treasury Proposes New Tax Relief Regulations
- Radiant Capital Faces $50M Loss in Major Security Breach
- SEGG Media Unveils $300 Million Crypto Reserve Plan
- 21Shares Files S-1 With SEC to Launch Hyperliquid ($HYPE) ETF
- Hong Kong Sentences Influencer for Unlicensed Investment Advice
- Franklin Templeton Signals TradFi and Crypto Integration
- Former CFO Convicted for $35M Fraudulent Crypto Investment
- XRP Spot ETF Launches on Nasdaq Amid Market Fluctuations
- MicroStrategy Retains Spot in Nasdaq 100 Amid Criticism
Latest
Press Release
Decibel Launches Fully Onchain Perpetuals Exchange on Aptos Mainnet
Bybit Unveils 2025 Security Milestone: Intercepts $300M in Impersonalization, Scams and Frauds via New AI-Driven Risk Framework
