According to security information provided by CertiK, the Premint website—a well-known NFT whitelist platform—was compromised on Sunday. Losses resulting from the attack are believed to have cost about $375,000.
Premint Attacked
One of the biggest non-fungible token breaches of the year resulted in the theft from Premint NFT platform customers of at least 314 blockchain entries, totaling around $375,000.
According to the crypto security company CertiK, the issue started with an injection of malicious JavaScript and affected wallets storing NFTs like Bored Ape Yacht Club and Oddities. Premint tweeted that affected users received a pop-up requesting them to confirm their ownership of their wallet. Users of the website can sign up to be included to a database of prospective buyers of new NFT projects.
We are actively working to get a full list of wallets that had assets taken from them.
These are the wallets that Etherscan have flagged for stealing assets.
–https://t.co/l3yEk2tUDs
– https://t.co/wdo7sJMia1
– https://t.co/8bBEgpKupN
– https://t.co/iY4tna437S— PREMINT | NFT Access List Tool (@PREMINT_NFT) July 17, 2022
The message also persuaded users to enable a “SetApprovalForAll” feature in their wallets, allowing hackers to steal money from their accounts. Premint claims that only a “relatively small number of users” were fooled by the prompt and that it has increased security.
SetApprovalForAll is made to enable users of decentralized finance platforms to instantly consent to the transfer of particular tokens that have been pre-selected by an underlying smart contract at a later time. Threat actors take advantage of the feature to transfer all of the tokens belonging to other users to their own wallets.
The hack has been effectively closed, and PREMINT has updated their website as of this writing.
Users can now log back into the platform using their Twitter or Discord accounts instead of wallets, according to an update pinned to the website by PREMINT. This is secure and far more convenient, especially on mobile devices.
BTC/USD rise above $20k. Source: TradingView
Related reading | Online Perpetrators Steal Ethereum And NFTs From Yuga Labs Through Server Hack
Safety Measures
The warning was posted earlier on Twitter by the Permit team, telling users to revoke access to their wallets if they think their wallets were compromised in the hack and not to approve any transactions that ask them to “set approvals for all.” For a fix, the website was momentarily taken offline.
The platform briefly shut down its website and advised disabling the “set approval for all” feature using Revoke Cash or Etherscan and relocating any assets to a different wallet. With the use of an event report form, the business is gathering a list of stolen items and using it to trace their whereabouts.
The website was operational at the time this was written. Users no longer have to check in to the website using their wallets thanks to a Premint update. Users can now log back into the platform using their Twitter or Discord accounts rather than their wallets. It’s much safer and more practical. Particularly on mobile.
Furthermore, PREMINT informed its community that they are trying to recover affected users’ wallets and their stolen assets. “We are actively working together to get a full list of wallets that had assets taken from them.”
The number of NFT hacks has significantly increased since last year, with PREMINT being the most recent victim. Earlier on Friday, a hacker targeted NFT Artist DeeKay’s Twitter account. According to reports, the attack caused NFT losses of $150,000.
Being extra cautious while approving any transactions is now more crucial than ever due to the increase in NFT scams.
Related reading | Hackers’ Phishing Attack Cuts Off Moonbirds NFTs Worth $1.5 Million
Featured image from Getty Images, charts from TradingView.com
