Blockchain gaming giant Wemix has confirmed that it suffered a significant cyberattack in February, leading to the loss of approximately 8.65 million WEMIX tokens, valued at $6.22 million.
The attack targeted the Play Bridge Vault system, a crucial component that facilitates cross-chain transactions, after hackers stole an authentication key from Nile, an NFT platform linked to Wemix.
During an emergency meeting, Wemix PTE. LTD. CEO Kim Seok-hwan admitted that the company delayed publicly disclosing the breach but denied any intent to conceal the incident.
He stated that the delay was a strategic decision to prevent further attacks and avoid triggering market panic. However, this delayed response has raised concerns among investors and led to increased scrutiny over the company’s cybersecurity practices.
Hackers Exploit Play Bridge Vault, Liquidate Stolen WEMIX Tokens
The attack on Wemix was executed over a two-month period, with hackers carrying out a series of sophisticated transactions to siphon funds undetected.
By infiltrating the Play Bridge Vault system, the attackers successfully executed 15 fraudulent transactions, withdrawing assets on 13 occasions.
Also Read: Binance Records $5.323 Billion in February Net Inflows Amid Bybit Hacking Incident
The stolen tokens were then liquidated via overseas exchanges, making it difficult to trace and recover the funds.
CEO Kim revealed that the root cause of the breach was likely an internal security oversight—an employee had mistakenly uploaded sensitive authentication data to a public repository in mid-2023.
While some initially suspected the notorious North Korean hacking group Lazarus, external security experts have stated there is currently no conclusive evidence linking the attack to the group.
Investor Backlash and Market Stabilization Efforts
The hack and subsequent delayed disclosure have triggered backlash from investors, prompting the Wemix Foundation to take immediate steps to stabilize the market and restore confidence.
On March 13, the company announced a token buyback program worth 10 billion won ($7.5 million), followed by another market purchase worth 20 million won ($15,000) the next day.
Additionally, Wemix has begun relocating all blockchain-related infrastructure to a more secure environment and aims to resume full services by March 21.
However, the Digital Asset Exchange Association (DAXA), which oversees South Korea’s cryptocurrency exchanges, has flagged WEMIX as a cautionary trading item and temporarily suspended deposits.
CEO Apologizes and Pledges Enhanced Security Measures
Addressing investors during the emergency meeting, CEO Kim Seok-hwan took responsibility for the security breach and the delayed response.
He acknowledged that the company’s handling of the crisis could have been more transparent and assured stakeholders that Wemix is fully cooperating with authorities, including the Cyber Investigation Unit of the Seoul Metropolitan Police Agency, to track down those responsible.
To prevent similar incidents in the future, Wemix has committed to strengthening its cybersecurity framework, improving its crisis management response, and enhancing investor communication.
Despite these assurances, the company now faces an uphill battle to regain trust, as the crypto community remains wary of vulnerabilities in its security infrastructure.
Recent Crypto Hacks Highlight Industry-Wide Security Challenges
The Wemix breach is just the latest in a series of high-profile crypto hacks that have rocked the industry.
Recently, Mask Network founder Suji Yan lost $4 million in a suspected private key breach during a birthday gathering, with the stolen assets quickly converted into Ethereum and dispersed across multiple wallets.
In another case, Infini founder Christian pledged $25 million of his personal funds to cover user withdrawals after a $49 million hack compromised the platform.
However, the most alarming incident involved Dubai-based crypto exchange Bybit, which suffered a staggering $1.44 billion Ethereum hack, the largest in history.
Although Bybit assured customers that user funds remained intact, the attack underscored the persistent vulnerabilities facing even the largest crypto platforms.
The increasing frequency of these breaches highlights the urgent need for stronger security measures across the entire blockchain industry.
Also Read: North Korea’s Lazarus Hacker Group Deposits 400 $ETH (~$750K) into Tornado Cash