- Moonveil’s implementation wallet was hacked, leading to unauthorized transfers of 56.48 million MORE tokens.
- Some of the stolen tokens were sold or sent to the exchange, and 34.18 million MORE were permanently frozen.
- The total loss is estimated at ~ PLN 147,000. dollars; the team removed liquidity and contacted exchanges to mitigate the damage.
Moon veilthe Web3 gaming studio behind MORE tokenconfirmed by A security incident ON December 19 upon detection of unauthorized transactions originating from a wallet connected to the node and staking contract provider. The team reported that the private key of the deploying wallet has been compromisedgiving the attacker access to many contracts, including those supporting them staking, node rewards and airdrop program.
In updates posted on December 19 and 20Moonveil revealed that in total 56.48 million MORE tokens have been transferred to two wallets controlled by attackers. According to the studio, 14.9 million MORE have been sold decentralized exchanges (DEX), 7.39 million MORE were sent to MEXC replacement — later frozen after the team contacted the MEXC security unit — and 34.18 million MORE was referred to the project’s ERC20 contracteffectively locking them so that they cannot be retrieved.
Some of the stolen funds are permanently frozen
Moonveil explained that MORE The ERC20 contract does not allow withdrawalswhat does it mean 34.18 million MORE tokens sent back, they are now permanently frozen and removed from the market. Based on reported data, total losses are estimated at approximately $146,848. Of this amount $38,740 corresponds to tokens sold on DEXs, $19,214 to the assets transferred to MEXC, and $88,868 to tokens now trapped in the main contract.
The studio says yes liquidity removed from DEX pools, canceled dynamic orders on centralized exchanges (CEX), contacted Binance for monitoring assistanceAND revoked all permissions associated with the compromised deployer address. These actions are aimed at preventing further unauthorized operations on the Moonveil network and securing remaining assets.
ANNOUNCEMENT:
On December 19 at approximately 2:00 UTC, the Moonveil team detected suspicious and unauthorized transactions originating from the wallet address of our node/staking contract creator.
The team immediately launched an investigation. We confirmed that…
— 🌙Moonveil.gg (@Moonveil_Studio) December 19, 2025
From December 22Moonveil has not released additional updates beyond its own Statement of December 20in which the team confirmed that the security unit continues to track the attacker’s addresses and coordinate with the affected exchanges.
Founded in 2022 by former developers from Riot Games and TencentMoonveil describes himself as Web3 game studio focuses on integrating blockchain assets into gaming experiences. The company previously announced, among others: $5 million investment from Unicorn Verseaimed at expanding digital entertainment infrastructure and strengthening the development of the industry MORE token.
The breach adds to a growing list security incidents in the Web3 gaming sectorwhere clever contracts and implementation wallets with elevated privileges often become targets for high-value attacks. For Moonveil, the event highlighted persistent gaps in child care practices at the project level. Despite limiting the attacker’s ability to liquidate all funds, a breach occurred the circulating liquidity of the MORE token decreased and raised modern concerns about operational security in decentralized gaming projects.
