NFT access list tool PREMINT was hacked, with losses of more than 370,000 US dollars
2022-07-26 01:41:00 【Honeycomb Tech】
"Do not authorize any transaction that appears as 'set approvals for all'!" On the afternoon of Sunday, July 17 (Beijing time), the NFT access list tool PREMINT issued this alert through its official Twitter account. It followed user reports that the tool's website had been hacked and that NFT collectors had already had their collections stolen.
Blockchain security firm SlowMist then confirmed that the PREMINT website had been attacked. The attackers planted a malicious JS (JavaScript) file in the website to carry out a phishing attack, tricking users into signing "set approvals for all" transactions and thereby stealing their NFT assets.
Another security firm, CertiK, tracked 6 main addresses related to the attack: "NFTs worth approximately 275 ETH (about 375,000 US dollars) were stolen." The stolen NFTs include well-known collections such as Bored Ape Yacht Club, Otherside, Moonbirds, Oddities and Goblintown.
PREMINT and the security firms advise anyone who used the website to check their wallet authorization settings. Wallet authorizations can be revoked with an Ethereum block explorer or with dedicated tools such as Revoke.
PREMINT warns users to stop authorizing transactions
PREMINT can forecast all kinds of NFT releases, but it could not forecast a hacker's intrusion. On July 17, after users reported losing NFTs, PREMINT issued an alert through its official Twitter account: "Do not authorize any transaction that appears as 'set approvals for all'!"
Launched at the end of March this year, PREMINT is an NFT access list tool. It aggregates lists of NFT pre-sales and giveaways on the market. Creators can build access lists with the tool, and NFT collectors can keep track of NFTs that are about to mint (be released or minted).
PREMINT's official website shows that more than 12,000 projects have used it to manage their access lists, and that more than 2.39 million wallets have connected to the tool.
On July 17, those millions of connected wallets came to include the hackers' malicious wallets. PREMINT said that an unknown third party had manipulated a file, causing users to be shown a malicious wallet connection.
In an online crypto wallet, clicking "set approvals for all" means the user has approved the transaction. When this authorization is exploited in a phishing attack, the hackers are able to transfer your crypto assets.
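The check a wallet or reviewer can run before signing, as an added example that is not part of the original article: it recognises a setApprovalForAll(address,bool) call in raw transaction calldata by its 4-byte selector and warns when it grants collection-wide approval to an operator outside a trust list. The function names, the sample operator address and the trust list are assumptions made for illustration.

```javascript
// Added example (not from the article). Helper names are illustrative assumptions.
// 4-byte selector of setApprovalForAll(address,bool), shared by ERC-721 and ERC-1155.
const SET_APPROVAL_FOR_ALL = "a22cb465";

// Constructed sample inputs: a made-up operator address and ABI-encoded calldata.
const SAMPLE_OPERATOR = "0x" + "11".repeat(20);
const word = (hex) => hex.padStart(64, "0"); // left-pad to one 32-byte ABI word
const SAMPLE_GRANT = "0x" + SET_APPROVAL_FOR_ALL + word("11".repeat(20)) + word("1");
const SAMPLE_REVOKE = "0x" + SET_APPROVAL_FOR_ALL + word("11".repeat(20)) + word("0");

// Classify raw transaction calldata before the user is asked to sign it.
function inspectCalldata(data) {
  const hex = String(data).toLowerCase().replace(/^0x/, "");
  if (hex.length < 8 || !/^[0-9a-f]+$/.test(hex)) return { kind: "invalid" };
  if (hex.slice(0, 8) !== SET_APPROVAL_FOR_ALL) return { kind: "other" };
  // The selector must be followed by two 32-byte words: operator, approved.
  if (hex.length < 8 + 128) return { kind: "malformed-approval" };
  const operator = "0x" + hex.slice(8 + 24, 8 + 64); // low 20 bytes of word 1
  const approved = BigInt("0x" + hex.slice(72, 136)) !== 0n;
  return { kind: approved ? "grant-all" : "revoke-all", operator };
}

// Warn on any collection-wide grant to an operator the user has not chosen to trust.
function shouldWarn(data, trustedOperators = []) {
  const result = inspectCalldata(data);
  if (result.kind === "malformed-approval") return true;
  if (result.kind !== "grant-all") return false;
  const trusted = trustedOperators.map((a) => a.toLowerCase());
  return !trusted.includes(result.operator);
}

console.log(inspectCalldata(SAMPLE_GRANT), shouldWarn(SAMPLE_GRANT));
```

Revoking an approval is the same call with the second argument set to false, which the function reports as "revoke-all" and does not warn on.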
PREMINT begins collecting information on affected users
After the attack, PREMINT reminded users to revoke authorizations with the Revoke tool and to move all valuable NFTs to other wallets. Other NFT users also pointed out that the "Token Approval" tool of the official Ethereum block explorer can be used to revoke wallet authorizations.
So far, 6 Ethereum addresses have been flagged as "phishing hacker" addresses related to this attack. This morning, PREMINT posted a link to a registration form on its official Twitter account to collect information on affected users, including the address of the affected wallet, the OpenSea link of the stolen NFTs' wallet, and the user's Twitter name.
Hackers profit more than 370,000 US dollars from the phishing attack
After PREMINT was attacked, security firm SlowMist issued a security alert. The firm disclosed that at 16:00 on July 17 (UTC+8), premint.xyz was attacked: the attackers planted a malicious JS (JavaScript) file to carry out a phishing attack, tricking users into signing "Set Approval For All" transactions in order to steal their NFTs and other assets.
Another security firm, CertiK, compiled a more detailed analysis of the PREMINT incident. The firm said that a hacker uploaded malicious JavaScript code to premint.xyz, thereby compromising the website. The malicious code was injected into the website via a URL. However, because the domain name server no longer exists, the file is no longer available, "but the impact of this chain attack is still visible."
CertiK disclosed that a total of 6 addresses are directly related to the attack. The attack is dated from 07:25 UTC, because two malicious wallet addresses (0x0C979…… and 0x28733……) were transferring stolen NFTs at that time. The malicious code may also have been injected into PREMINT's official website. The NFTs held by these two wallets include Bored Ape Yacht Club (BAYC), Otherside, Oddities and Goblintown, and the remaining 4 wallets were involved in transferring the stolen NFTs.
Stolen Goblintown NFTs were transferred to the hacker's address
"The two wallets stole 314 NFTs, including BAYC, Otherside, Goblintown and others," according to CertiK's figures. The total loss from this attack is about 275 ETH, or 374,417.66 US dollars, making it one of the largest NFT hacks this year.
Although NFTs are a product of Web3, CertiK noted in its incident analysis that Web2 has always been the dominant state of the internet, and that users investing in NFTs and crypto assets rely on the ease of use of Web2 sites. "However, Web2 infrastructure often leads to a single point of failure through centralized vulnerabilities."
CertiK gave examples. In June this year, BAYC suffered a phishing attack: the Discord account of community manager Boris Vagner was hacked, which allowed the attacker to post fake links aimed at BAYC and Otherside holders on BAYC's Discord channel. This phishing method let the attacker steal NFTs worth about 319,000 US dollars.
The second example is the theft of NFT artist Beeple's Twitter account, which cost his Twitter followers about 438,000 US dollars in NFTs and crypto assets. In the first attack, the hacker posted a collaboration link to Beeple's Twitter followers, and some users lost about 73,000 US dollars. Then came the second attack, which drained followers' crypto assets and NFT wallets.
"These attacks show that Web2 has the vulnerability of centralization." CertiK believes that when Web2 security vulnerabilities occur, they bring "devastating losses" to NFTs.
(Statement: Please strictly abide by local laws and regulations. This article does not represent any investment advice.)
Have you used the PREMINT website?