TL;DR
- Moonveil’s deployer wallet was hacked, leading to unauthorized transfers of 56.48 million MORE tokens.
- Part of the stolen tokens were sold or sent to an exchange, while 34.18 million MORE were permanently frozen.
- The total loss is estimated at ~$147k; the team removed liquidity and contacted exchanges to mitigate damage.
Moonveil, the Web3 gaming studio behind the MORE token, confirmed a security incident on December 19 after detecting unauthorized transactions originating from a wallet linked to a node and the staking contract deployer. The team reported that the private key of the deployer wallet had been compromised, giving the attacker access to multiple contracts, including those handling staking, node rewards, and an airdrop program.
Across updates published on December 19 and 20, Moonveil disclosed that a total of 56.48 million MORE tokens were transferred to two attacker-controlled wallets. According to the studio, 14.9 million MORE were sold through decentralized exchanges (DEXs), 7.39 million MORE were sent to the MEXC exchange — later frozen after the team contacted MEXC’s security unit — and 34.18 million MORE were sent back to the project’s ERC20 contract, effectively locking them beyond recovery.
Part of the stolen funds permanently frozen
Moonveil explained that the MORE ERC20 contract does not allow withdrawals, which means the 34.18 million MORE tokens sent back are now permanently frozen and removed from circulation. Based on the reported figures, the total loss is valued at approximately $146,848. Of that amount, $38,740 corresponds to the tokens sold on DEXs, $19,214 to the assets transferred to MEXC, and $88,868 to the tokens now trapped in the main contract.
The studio said it has removed liquidity from DEX pools, canceled active orders on centralized exchanges (CEXs), contacted Binance for monitoring assistance, and revoked all permissions associated with the compromised deployer address. These actions aim to prevent further unauthorized operations within Moonveil’s network and to secure remaining assets.
ANNOUNCEMENT:
At approximately 2:00 AM UTC on December 19, the Moonveil team detected suspicious and unauthorized transactions originating from our node / staking contract creator wallet address.
The team immediately initiated an investigation. We have confirmed that the…
— 🌙Moonveil.gg (@Moonveil_Studio) December 19, 2025
As of December 22, Moonveil has not issued additional updates beyond its December 20 statement, in which the team confirmed that the security unit continues to track the attacker’s addresses and coordinate with affected exchanges.
Founded in 2022 by former developers from Riot Games and Tencent, Moonveil describes itself as a Web3 gaming studio focused on integrating blockchain assets into game experiences. The company previously announced a $5 million investment from Unicorn Verse, intended to expand its digital entertainment infrastructure and strengthen the development of the MORE token.
The breach adds to a growing list of security incidents in the Web3 gaming sector, where smart contracts and deployer wallets with elevated permissions often become high-value attack targets. In Moonveil’s case, the event underscores ongoing vulnerabilities in project-level custody practices. Despite limiting the attacker’s ability to liquidate all funds, the breach reduced the circulating liquidity of the MORE token and raised new concerns about operational security in decentralized gaming projects.
