HQ/EMEAFind out how we can help your business
A cyberattack on the blockchain gaming platform dubbed WEMIX allegedly occurred earlier this year. Reports stated that the threat actors stole at least 8.6 million WEMIX tokens valued at approximately $6.1 million.
The platform’s CEO admitted in an announcement that the incident occurred on February 28, 2025, and explained that the delay in making a public announcement was not an attempt to hide it but rather a deliberate decision to protect its players from further losses.
On the same day, the blockchain filed a criminal complaint with the Seoul Metropolitan Police Agency’s Cyber Investigation Unit, and the National Office of Investigation has already deployed an investigation team.
The company also explained that the exact infiltration method was unclear; hence, a quick public revelation could have left them vulnerable to subsequent attempts. Additionally, the announcement disclosed that most of the stolen assets had already been sold, affecting the market.
Given the difficulty of ensuring there are no additional hazards, a quick disclosure could have triggered market panic.
WEMIX is a blockchain-based gaming platform created by the South Korean gaming startup Wemade.
The WEMIX ecosystem contains its cryptocurrency, the WEMIX token, and incorporates blockchain tech into gaming. This feature enables play-to-earn (P2E) models, NFT-based ownership, and DeFi capabilities.
The company is popular for its blockbuster game “The Legend of Mir.” Still, since the debut of WEMIX, the company has focused on blockchain-integrated projects that draw inspiration from the original game.
As of now, the most popular of these is MIR4, with over five million downloads on Google Play alone. Wemade’s other blockchain-based games include Night Crows, Rise of Stars, Crypto Ball Z, and MIR M.
According to the press briefing earlier this week, the hackers gained access to WEMIX after stealing authentication keys for monitoring services on the NFT platform ‘NILE.’
Although Wemade is unsure how the attackers acquired the keys, they suspect it was through a hack of a shared repository to which a developer had uploaded them for convenience. Furthermore, the hackers spent two months organising their attack before attempting fifteen withdrawals, thirteen of which were successful.
The stolen WEMIX tokens were allegedly laundered using cryptocurrency exchanges. For now, WEMIX is unavailable as all blockchain-related infrastructure has been moved to a new, more secure location. Lastly, the firm aims to restore service by March 21, 2025.
