Cold wallets are still there, but Bitcoin has vanished? 22 BTC mysteriously disappeared from Seoul Gangnam Police Station, with South Korean authorities losing nearly $50 million worth of coins in six months

South Korea’s Gangnam Police Station in Seoul has confirmed that 22 Bitcoins stored in cold wallets since 2021 were transferred under unknown circumstances, valued at over $1.4 million. Strangely, the USB cold wallet used to store the private keys remains in police custody, but the coins have vanished. Additionally, after the Gwangju Prosecutor’s Office previously had approximately $47.7 million worth of seized Bitcoin stolen via phishing attacks, Korean law enforcement agencies have lost nearly $50 million in crypto assets within half a year.

(Background: She bought a “black-hearted cold wallet” on JD.com, and the 4.35 BTC stored inside disappeared.)

(Additional context: Job interview turned out to be a North Korean hacker trap! PurpleBravo infiltrated over 3,100 IP addresses, with AI and crypto companies as the biggest targets.)

Table of Contents

• Gwangju Prosecutor’s Office’s $47.7 million “Phishing” incident
• Hacker or “Insider”?
• Trust Crisis in Korea’s Crypto Regulation

According to The Block, Seoul’s Gangnam Police Station confirmed that the 22 Bitcoins voluntarily surrendered by a suspect during an investigation in 2021 were transferred from the custody wallet under unknown circumstances, worth over $1.4 million (about 2.1 billion KRW).

The most puzzling part is that the USB cold wallet device used to store the private keys is still in Gangnam Police’s possession, yet the Bitcoins inside are gone. This suggests that someone obtained the private keys at some point and completed on-chain transfers, but it is unclear whether this “someone” was an external attacker.

Currently, the Northern Gyeonggi Provincial Police Agency has launched an official internal investigation, examining access logs, wallet key management procedures, and any evidence of internal involvement. Authorities have not yet disclosed details about the fund flow or potential suspects.

Gwangju Prosecutor’s Office’s $47.7 million “Phishing” Incident

This is not the first time Korean law enforcement has “lost” seized crypto assets.

Previously, the Gwangju Prosecutor’s Office experienced a larger-scale Bitcoin theft, where approximately 70 billion KRW (about $47.7 million) in seized Bitcoin was stolen in mid-2025, only discovered during routine audits.

Officially, the incident was attributed to “phishing attacks,” where staff, while inspecting seized crypto assets, accidentally visited a phishing website, leading to the leakage of private key credentials, and the Bitcoin was irreversibly transferred out. Even more astonishing, the office reportedly stored Bitcoin-related passwords directly on USB drives, indicating a lack of proper cybersecurity protocols.

Hacker or “Insider”?

Combining both incidents, Korean law enforcement has lost nearly $50 million in seized crypto assets in less than half a year. Both cases share suspicious common points:

• Cold wallets are in place, yet the coins are missing. Cold wallets are designed for offline storage, theoretically inaccessible remotely by external hackers.
• Private key management is extremely lax. Passwords stored on USBs, cold wallets kept in offices—any authorized personnel could have tampered.
• The incidents were only discovered long after they occurred. The Gangnam coins have been stored since 2021, and the Gwangju case was only uncovered during routine review.
• Fund flows are unclear. No on-chain tracking results have been publicly released.

These signs raise questions: Are these external attacks, or insider theft?

Trust Crisis in Korea’s Crypto Regulation

Ironically, South Korea has been one of the strictest countries globally regarding cryptocurrency regulation. Last year, it passed the first phase of the “Digital Asset Basic Act,” requiring exchanges and custodians to adhere to strict asset custody standards. Yet now, even the police station and prosecutor’s office responsible for enforcement cannot safeguard their own Bitcoin holdings.