The PREMINT website was compromised this weekend when hackers installed a popup that prompted site visitors to grant access to their קריפּטאָ בייַטל.
Users unlucky enough to fall for the scam had their wallets drained of NFTs. The attackers then used NFT marketplaces to flip the stolen goods for crypto.
לויט צו אַ זיכערהייַט analysis report from Certik over 300 individual NFTs were stolen in the attack, with artworks from BAYC, אנדערע זייט, and Goblintown among the losses. One stolen Bored נאָכמאַכן פעטשט 91 ETH on אָפּענסעאַ.
In the early hours of Sunday morning (UTC) Crypto Twitter user @SpiritAzuki rang the alarm on PREMINT. A screenshot shared by SpiritAzuki shows that the malicious script on the website presented itself to users as a security verification measure.
Within 10 minutes of SpiritAzuki’s warning, PREMINT made their own Twitter post saying “Please do not sign any transactions that say set approvals for all!”
It wasn’t until nearly 12 hours later, however, that PREMINT issued a full statement on the situation.
“Last night, a file was manipulated on PREMINT by an unknown third party that led to users being presented with a wallet connection that was malicious,” said PREMINT via their official Twitter account. “This issue only affected users who connected a wallet via this dialog after midnight Pacific time. Thanks to the incredible web3 community spreading warnings, a relatively small number of users fell for this. We took the site down early this morning to fix the issue.”
For users who had fallen foul of the exploit, the immediate reaction varied between the desperation and shock of one user who קליימד to have ‘lost everything’, to more measured responses.
One user took the philosophical view that the situation could have been far worse.
“I used revoke when I saw the notices but I was evidently too late,” said @Dwayne420. “3 good NFTs I minted using premint were stolen. I only transfer crypto into that wallet when I buy…so glad and there wasn’t much of anything else in there NFT wise.”
Ultimately, what concerned users the most was the prospect of a refund. PREMINT have not yet been specific about their plans in this regard, but they have asked victims to contact them.
Report to PREMINT
PREMINT requests that anyone who fell victim to the scam should contact them via this form. To seek the return of a lost NFT users will need to provide the compromised wallet address, the אָפּענסעאַ address and their Twitter account details.
וואָס טאָן איר טראַכטן וועגן דעם טעמע? שרייב צו יוס און זאָגן אונדז!
אָפּלייקענונג
אַלע די אינפֿאָרמאַציע קאַנטיינד אויף אונדזער וועבזייטל איז ארויס אין גוטן אמונה און בלויז פֿאַר אַלגעמיינע אינפֿאָרמאַציע צוועקן. קיין אַקציע וואָס די לייענער נעמט אויף די אינפֿאָרמאַציע געפֿונען אויף אונדזער וועבזייטל איז שטרענג אויף זייער אייגן ריזיקירן.
Source: https://beincrypto.com/hackers-flip-300-stolen-nfts-for-400k-after-premint-website-compromised/