In South Korea, the Gwangju District Prosecutor’s Office has largely recovered approximately $21 million worth of Bitcoin that was stolen during a cyberattack last year. These Bitcoins had been seized as part of state-led operations against cybercrime and were among assets held in official custody by the government.
Phishing Attack Exposes Systemic Security Weakness
Back in August 2025, a government employee inadvertently caused a major security lapse during a routine review when they entered a recovery phrase for a digital wallet into a phishing site. This critical error allowed an attacker to take over the wallet and access all its cryptocurrency holdings. As a result, control over roughly 320 Bitcoins shifted to the malicious party in a single move.
Swift Moves Help Authorities Recover Assets
Once the breach was identified, prosecutors swiftly took action, blocking attempts to cash out the stolen Bitcoin at leading cryptocurrency exchanges. This measure prevented the attacker from liquidating the assets easily, and ultimately led to the Bitcoin being transferred back into wallets overseen by South Korean authorities.
Nevertheless, blockchain analytics companies soon identified that only a short time after the recovery, the 320 Bitcoins were moved to yet another new address. This unusual transfer prompted a fresh internal audit into how digital assets are stored after being reclaimed.
The high-profile case has sparked renewed debate nationwide about the safeguards in place for digital assets entrusted to South Korea’s official institutions. In light of the incident, prosecutors are carefully reevaluating internal procedures—focusing particularly on how recovery phrases are preserved and updating defenses against phishing threats.
Authorities have yet to determine the identities of those responsible for the cyberattack. Investigations remain ongoing, with officials reassuring the public that efforts to trace the culprits are continuing.
Custody Concerns Rise for Public and Private Crypto Assets
This latest incident comes in the wake of a series of security setbacks at public agencies and major cryptocurrency exchanges since the beginning of 2026. In February, police revealed that 22 Bitcoins had gone missing from state-held reserves due to a custodial error. Around the same period, major exchange Bithumb mistakenly distributed a large amount of Bitcoin as a result of a system error, though most of the misplaced funds were quickly recovered.
Such recurring incidents have forced both government bodies and the private sector to take a closer look at safeguarding standards for cryptocurrencies. Prosecutors, as well as other public agencies, are now working to overhaul protocols to reinforce the secure storage and protection of digital assets under their supervision.
