A 34-year-old ex-SAF Naval Diving Unit captain, Teo Rong Xuan, admitted in court that he broke into a man’s condo and photographed the hardware wallet recovery phrase. Using those words, he drained about 1.7 million USDT (roughly S$2.2 million) and moved the funds into his own wallets. He later spent large sums on luxury watches, gambling losses and mortgage payments.
What happened — quick timeline
- June 2022: Teo met the victim through a mutual friend.
- Dec 14, 2022: The victim deposited about 1.7M USDT into his offline (cold) wallet.
- Dec 18, 2022: The victim invited Teo and the mutual friend over to watch football. Teo arrived early and asked to borrow the condo access card. He didn’t give it back.
- Dec 31, 2022 (New Year’s Eve): While the victim was out, Teo used the retained access card to enter the unit, found the paper with the 24-word seed phrase, photographed it and left. The next day he imported the recovery words into his own hardware wallet and transferred the funds.
How Teo know where the seed phrase was hidden?
- He’d already scoped the place. On the earlier visit (Dec 18) he arrived first and kept the access card. That’s a perfect opportunity to casually look around later or to memorise likely hiding spots.
- He snooped while he had access. If you can get back into someone’s home with their card, a quick search of obvious places (bedside table, drawer, safe, study desk) is all it takes. Seed phrases are often written on paper and left in plain-ish spots.
- It was in an obvious spot. Many people treat a written seed phrase like a note and tuck it in an obvious drawer or under a book. If it wasn’t well-hidden, anyone with access could find it.
- He may have observed the owner’s habits. Seeing where the owner stores important stuff during a prior visit could point you straight to the paper.
- Less likely: inside help or social engineering. There’s no public evidence he asked someone where it was, but it’s always possible. Reports don’t confirm this.
How he spent the money
After the transfers, Teo converted part of the stolen crypto to cash and used the proceeds to:
- Pay off an HDB mortgage and top up his CPF.
- Cover big gambling losses at both Singapore Pools and illegal online gambling sites.
- Buy seven Rolex watches and put a down payment on an Audi A5.
- Channel some funds into a company listed as “capital investment” and “team technical expense.”
Discovery, confession and charges
The victim only noticed the missing Tether in March 2023 and reported the theft. Blockchain tracing linked fees and movement to addresses tied to Teo. When the victim confronted him, Teo confessed. He told investigators he had suffered big losses after the 2022 collapse of the FTX exchange — which he said pushed him into this crime. Teo pleaded guilty on Oct 1, 2025 to housebreaking, misusing a computer system and dealing with ill-gotten gains. He faces sentencing on 14 November 2025.
Military status and official response
Teo joined the Naval Diving Unit in 2010 and left the SAF in 2023. The Ministry of Defence confirmed he has been discharged and reiterated that service personnel are held to high standards of discipline and integrity.
What seed phrase actually is
- It’s a sequence of simple English words (common choices: 12, 18 or 24 words).
- It’s generated by your wallet using a standard (commonly called BIP39).
- Those words encode the private keys to your crypto funds. If you enter them into a compatible wallet, that wallet recreates the exact same addresses and gives full access.
Why it matters
- Whoever has the seed phrase controls the crypto. Simple as that.
- A seed phrase is not a password you can change. It is the account. Lose it or leak it = game over.
Hot wallet vs cold wallet
- Hot wallet = connected to the internet (phone apps, web wallets). Riskier.
- Cold wallet = offline hardware device or paper. More secure — if you protect the seed phrase properly.
Basic do’s and don’ts (read these)
Do:
- Write the phrase down on paper or use a metal backup.
- Store that copy in a safe place (safe, safety deposit box, or split across trusted places).
- Consider adding a passphrase (an extra word/password) for stronger security.
- Plan inheritance: tell a trusted person how to access it if needed.
Don’t:
- Don’t take photos, screenshots, or store it in cloud notes or email.
- Don’t share it — not with “helpful” strangers, not with friends, not with anyone.
- Don’t enter it on websites you don’t fully trust. Phishing is real.
Extra security options
- Use a reputable hardware wallet and keep the recovery phrase offline.
- Use Shamir’s Secret Sharing or split the phrase across multiple secure locations (advanced).
- Add a BIP39 passphrase (a.k.a. 25th word) for extra protection — but don’t forget that passphrase.
Why this case matters
- Seed phrases are like keys — not notes to stash on your bedside table. A physical copy is safer than a screenshot, yes, but if someone can access your home, a paper copy is useless.
- Self-custody demands paranoia. If you control your private keys, you also control the risk. Good security isn’t optional.
- Blockchain tracing works. Crypto crooks can convert and move funds, but on-chain footprints often lead investigators to off-ramps and fiat conversions. That’s how this case was cracked.
My take — blunt and simple
Look, this is a messy mix of bad choices and poor security. You don’t get sympathy points for being clever when you borrow someone’s access card and then exploit their trust. Two angles here:
- Personal security: If you keep serious money in a hardware wallet, treat the recovery phrase like the nuclear codes. Put it in a safe, or better, split it using a secure method. Nobody beyond a trustee should know all 24 words.
- Systemic lesson: Crypto’s promise of self-custody brings freedom — and responsibility. The tools are powerful, but the human element is often the weakest link. Tech can make mistakes harder to hide, and law enforcement plus blockchain investigators are getting better at following the money.
Also: gambling your way out of losses rarely works. It’s an ancient trap in a digital suit.
What to watch next
Teo’s sentencing on 14 Nov 2025 will determine how the courts balance the seriousness of the theft against his motives and conduct since. Restitution to the victim has not been reported. Expect the case to be referenced in future discussions about self-custody risks and personal security for crypto holders.
