- Trending
- Comments
- Latest
South Korean prosecutors have launched a criminal investigation after approximately $49 million worth of seized Bitcoin was stolen from government custody in Gwangju following a phishing attack that compromised private key credentials.
The theft, which occurred in mid-2025, has exposed critical vulnerabilities in how authorities secure cryptocurrency confiscated during criminal proceedings and raised questions about whether existing safeguards are adequate for managing digital assets.
According to information released by prosecutors and corroborated by internal and media sources, multiple Bitcoins seized during earlier criminal proceedings were removed from government custody after private key credentials were exposed in a phishing attack. The breach reportedly occurred in mid-2025, though investigators have not disclosed an exact date.
The Gwangju District Prosecutors’ Office confirmed it is “investigating the disappearance of Bitcoin seized from government custody,” signaling that the matter is being treated as a serious internal and criminal security failure.
Once the private keys were compromised, the assets were transferred out of official wallets, transactions that blockchain records suggest cannot be reversed.
Officials have not publicly confirmed the precise number of Bitcoins lost. However, media reports and internal assessments estimate the value of the missing assets at approximately $48–49 million at the time of discovery.
Prosecutors have declined to validate those figures, citing the ongoing nature of the investigation, but have not disputed that the losses are substantial.
The Gwangju Bitcoin disappearance has drawn attention because the assets were already under state control, meaning they should have been protected by higher-than-average security standards.
At the core of the Gwangju Bitcoin disappearance is a phishing attack that allegedly exposed private key credentials linked to the seized assets. Investigators believe the attackers gained access by deceiving an authorized handler or exploiting weak internal security protocols.
In a summary of the incident, officials noted that “private key credentials were exposed in a phishing attack, resulting in irreversible transfers,” underscoring the technical reality that once cryptocurrency keys are compromised, control of the assets can be permanently lost.
The incident highlights a broader challenge facing public institutions worldwide: safely managing digital assets that require specialized technical expertise. Unlike traditional seized property, cryptocurrencies demand strict key management, multi-signature authorization, and isolation from internet-connected systems.
The Gwangju Bitcoin disappearance suggests that, at least in this case, those protections were either insufficient or improperly enforced, allowing attackers to move funds without triggering immediate alarms.
The investigation comes at a sensitive time for South Korea’s digital asset regulations. In recent years, authorities have expanded laws that treat cryptocurrencies as property subject to seizure, forfeiture, and liquidation.
The Gwangju Bitcoin disappearance therefore raises concerns about whether enforcement agencies are adequately prepared to handle the responsibilities that come with those powers.
While prosecutors have not announced disciplinary actions or named suspects, they are expected to review internal custody procedures and access controls as part of the probe.
The case may also prompt broader reforms, including centralized custody standards or the use of specialized third-party custodians for seized digital assets.
Media outlets citing internal sources described the missing funds as “roughly $48–49 million,” a figure that, if confirmed, would make the Gwangju Bitcoin disappearance one of the most significant known losses of state-held cryptocurrency in South Korea.
