A former captain in Singapore’s elite Naval Diving Unit has been sentenced to 82 months (six years and 10 months) in prison for orchestrating a calculated crypto theft involving 1.7 million USDT from a former business associate’s cold wallet. The case has drawn significant attention because it combined traditional housebreaking with cryptocurrency exploitation.Teo Rong Xuan, 35, pleaded guilty to six charges, including housebreaking with intent to commit theft, securing access to a cryptocurrency cold wallet to commit theft, and four counts of money laundering. Another 10 related charges were taken into consideration during sentencing.The victim, Xuan Songtao, a 30-year-old Chinese national, had previously co-founded an NFT marketplace with Teo. The two became acquainted in June 2022 through a mutual friend and later collaborated in the crypto space.
How the Cold Wallet Was Compromised
Following the collapse of FTX in late 2022, Xuan became increasingly concerned about exchange security and decided to move his digital assets into cold storage. He deposited approximately 1.7 million USDT into a Ledger Nano X hardware wallet on 14 December 2022. The wallet’s 24-word recovery seed phrase was handwritten on paper and stored inside a box in his condominium wardrobe.
Teo learned about the storage arrangement after discussions with Xuan regarding crypto security. On 18 December 2022, during a football match gathering at Xuan’s condominium, Teo retained the apartment access card after helping another guest enter the premises. Nearly two weeks later, on New Year’s Eve, while Xuan was out watching fireworks at Marina Bay, Teo used the access card to enter the apartment secretly.
He searched the residence, located the Ledger wallet and the written seed phrase, photographed the recovery phrase, and returned everything to its original place. On 1 January 2023, Teo used the photographed seed phrase to transfer the entire 1.7 million USDT into wallets under his control.Xuan discovered the missing funds on 23 March 2023.
Lavish Spending and Massive Gambling Losses
Teo spent substantial portions of the stolen funds on luxury purchases and personal financial obligations, including an Audi A5, multiple high-end watches (including Rolex models), repayment of his HDB housing mortgage, CPF account top-ups, debt settlements, and investments linked to the NFT business.
Approximately S$1.57 million was lost through both legal and illegal gambling activities. As a result, most of the stolen funds remain unrecovered. Singapore police seized the Audi, luxury watches, and approximately S$130,000 in bank deposits.
Court Rejects Mitigation Arguments
Teo’s defense cited financial distress from the FTX collapse and claimed he was suffering from adjustment disorder. His lawyers also highlighted that he has a 16-month-old child and requested a brief deferment to arrange childcare.
Deputy Public Prosecutor Jonathan Tan described the crime as a highly premeditated and greed-driven operation. Prosecutors sought a sentence of 7.5 to 8.5 years. On 8 May 2026, the court sentenced Teo to 82 months’ imprisonment. He remains out on S$130,000 bail and is scheduled to begin serving his sentence on 29 May 2026. He was discharged from the Singapore Armed Forces in 2023.
Key Lessons for Crypto Users
This case is a major reminder that hardware wallets alone do not guarantee complete security. While cold wallets are highly resistant to online hacking, they remain vulnerable when the recovery phrase is physically exposed.
Key security takeaways:
- Never discuss your crypto holdings or storage methods casually, even with close friends or business associates.
- Keep seed phrases fully offline and physically secured in separate locations.
- Avoid storing recovery phrases in easily accessible residential spaces.
- Insider threats and social engineering remain major risks in crypto.
Singapore’s handling of the case demonstrates the growing integration of traditional investigation with blockchain forensics and reflects the country’s strict stance on crypto-related crimes. Similar social engineering and trust-based tactics have been rising across Asia. Read our previous report on the growing wave of crypto scams in Hong Kong, where victims lost millions through deceptive investment schemes and manipulation. Ultimately, this incident is a sobering reminder that crypto security depends not only on technology, but also on operational discipline, privacy, and personal caution.
