Popular NFT Platform PREMINT Hacked for 314 NFTs
Cybercriminals have hacked the official website of popular non-fungible token (NFT) PREMINT and made away with $375,000 worth of assets in one of the biggest NFT heists recorded.
Still, the devastating impact of the attack is visible on the blockchain. The malicious code tricked users into allowing “set approvals for all” permissions for their crypto wallets, enabling attackers to access and steal their assets.
So far, six Externally Owned Accounts (EOAs) are directly tied to the attack, reported blockchain security firm Certik. The perpetrators extracted approximately 275 ETH (about $375,000) worth of NFTs from compromised accounts.
“In total, both wallets stole 314 NFTs including BAYC, Otherside, Globlintown, et al,” reads the company’s report. “In total, ~275 ETH was lost in the attack amounting to $374,417.66, making it one of the largest NFT hacks this year.”
Yesterday at 8 am UTC, PREMINT informed its followers on Twitter that its website was compromised. The NFT platform is gathering data to build a full list of wallets affected by the hack and disclosed several crypto wallets flagged by Etherscan for stealing assets.
PREMINT recommended users who believe they’ve been compromised take steps to revoke malicious permissions or move their valuables to another wallet. They stressed the importance of not signing any “set approval for all” transactions in a separate tweet.
Users with crypto assets should avoid signing unknown transactions and exercise caution even on trusted websites. Moving assets on a hardware wallet could also hamper threat actors’ attempts to steal them.
How to monitor your online privacy during your Thanksgiving trip
November 22, 2022
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info
November 16, 2022
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be
November 14, 2022
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War
August 31, 2022
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor
August 30, 2022
What is medical identity theft and how to protect against it
July 27, 2022