Cybercriminals have hacked the official website of popular non-fungible token (NFT) PREMINT and made away with $375,000 worth of assets in one of the biggest NFT heists recorded.
The threat actors injected malicious JavaScript code into the website via URL, but the file became unavailable after the Domain Name Server (DNS) was taken down.
Still, the devastating impact of the attack is visible on the blockchain. The malicious code tricked users into allowing “set approvals for all” permissions for their crypto wallets, enabling attackers to access and steal their assets.
So far, six Externally Owned Accounts (EOAs) are directly tied to the attack, reported blockchain security firm Certik. The perpetrators extracted approximately 275 ETH (about $375,000) worth of NFTs from compromised accounts.
“In total, both wallets stole 314 NFTs including BAYC, Otherside, Globlintown, et al,” reads the company’s report. “In total, ~275 ETH was lost in the attack amounting to $374,417.66, making it one of the largest NFT hacks this year.”
Yesterday at 8 am UTC, PREMINT informed its followers on Twitter that its website was compromised. The NFT platform is gathering data to build a full list of wallets affected by the hack and disclosed several crypto wallets flagged by Etherscan for stealing assets.
PREMINT recommended users who believe they’ve been compromised take steps to revoke malicious permissions or move their valuables to another wallet. They stressed the importance of not signing any “set approval for all” transactions in a separate tweet.
Users with crypto assets should avoid signing unknown transactions and exercise caution even on trusted websites. Moving assets on a hardware wallet could also hamper threat actors’ attempts to steal them.