1 min read

Popular NFT Platform PREMINT Hacked for 314 NFTs

Vlad CONSTANTINESCU

July 18, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Popular NFT Platform PREMINT Hacked for 314 NFTs

Cybercriminals have hacked the official website of popular non-fungible token (NFT) PREMINT and made away with $375,000 worth of assets in one of the biggest NFT heists recorded.

The threat actors injected malicious JavaScript code into the website via URL, but the file became unavailable after the Domain Name Server (DNS) was taken down.

Still, the devastating impact of the attack is visible on the blockchain. The malicious code tricked users into allowing “set approvals for all” permissions for their crypto wallets, enabling attackers to access and steal their assets.

So far, six Externally Owned Accounts (EOAs) are directly tied to the attack, reported blockchain security firm Certik. The perpetrators extracted approximately 275 ETH (about $375,000) worth of NFTs from compromised accounts.

“In total, both wallets stole 314 NFTs including BAYC, Otherside, Globlintown, et al,” reads the company’s report. “In total, ~275 ETH was lost in the attack amounting to $374,417.66, making it one of the largest NFT hacks this year.”

Yesterday at 8 am UTC, PREMINT informed its followers on Twitter that its website was compromised. The NFT platform is gathering data to build a full list of wallets affected by the hack and disclosed several crypto wallets flagged by Etherscan for stealing assets.

PREMINT recommended users who believe they’ve been compromised take steps to revoke malicious permissions or move their valuables to another wallet. They stressed the importance of not signing any “set approval for all” transactions in a separate tweet.

Users with crypto assets should avoid signing unknown transactions and exercise caution even on trusted websites. Moving assets on a hardware wallet could also hamper threat actors’ attempts to steal them.

tags


Author



Right now

Top posts

How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

August 30, 2022

2 min read
What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps Enhance your cyber resilience and privacy on Computer Security Day in four easy steps
Alina BÎZGĂ

November 29, 2022

2 min read
Hackers Steal Crime Files in Attack on Belgian Police Station, Then Demand Ransom Hackers Steal Crime Files in Attack on Belgian Police Station, Then Demand Ransom
Filip TRUȚĂ

November 28, 2022

2 min read
Authorities Dismantle iSpoof Criminal Phone Spoofing Operation, Arresting 142 Authorities Dismantle iSpoof Criminal Phone Spoofing Operation, Arresting 142
Vlad CONSTANTINESCU

November 25, 2022

1 min read