It is one of the biggest NFT hacks ever
Threat actors hacked the popular NFT platform Premint NFT by compromising its official website, stealing 314 NFTs. According to experts from blockchain security firm CertiK, this is one of the biggest NFT hacks on record.
Analysis by the experts found that malicious JavaScript code had been planted on premint.xyz. The script was designed to instruct users to “set approvals for all” when connecting their wallets to the site, thereby allowing the attacker to access their crypto assets.
The malicious file is no longer available, as the Domain Name Server does not exist, but the effects of the attack are visible on-chain. In total, six externally owned accounts (EOAs) are directly associated with the attack, with approximately 275 ETH stolen (~$375k).
The attack involved six EOAs; two of these were caught early, and victims got their funds back by calling ‘revoke.cash.’
Users are advised to avoid signing transactions that say ‘set approvals for all.’
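The advice above can be checked mechanically before a transaction is signed. The following is an added example, not code from the article or from CertiK: it inspects a transaction's calldata for the ERC-721/ERC-1155 `setApprovalForAll(address,bool)` call and reports whether it grants or revokes a blanket approval. The helper name `classifyCalldata` and the operator address are hypothetical.

```javascript
// Selector = first 4 bytes of keccak256("setApprovalForAll(address,bool)"),
// the ERC-721 / ERC-1155 operator-approval function.
const SET_APPROVAL_FOR_ALL = "a22cb465";

// Hypothetical helper: classifies the `data` field of a pending transaction.
function classifyCalldata(data) {
  if (typeof data !== "string") return { kind: "invalid" };
  const hex = data.toLowerCase().replace(/^0x/, "");
  if (!/^[0-9a-f]*$/.test(hex) || hex.length % 2 !== 0) return { kind: "invalid" };
  if (hex.slice(0, 8) !== SET_APPROVAL_FOR_ALL) return { kind: "other" };
  // Exactly two 32-byte ABI words follow the selector: operator, approved.
  if (hex.length !== 8 + 64 * 2) return { kind: "malformed-approval" };
  const operatorWord = hex.slice(8, 72);
  const approvedWord = hex.slice(72, 136);
  // An address sits in the low 20 bytes; the high 12 bytes must be zero.
  if (!/^0{24}/.test(operatorWord)) return { kind: "malformed-approval" };
  const operator = "0x" + operatorWord.slice(24);
  // A bool is encoded as 0 or 1; anything else is not canonical.
  if (!/^0{63}[01]$/.test(approvedWord)) return { kind: "malformed-approval" };
  return approvedWord.endsWith("1")
    ? { kind: "grant-all", operator }   // operator may move every token in the collection
    : { kind: "revoke-all", operator }; // same call with approved = false withdraws it
}

// Constructed sample inputs (the operator address is made up).
const pad = (h) => h.padStart(64, "0");
const OPERATOR = "1111111111111111111111111111111111111111";
const GRANT = "0x" + SET_APPROVAL_FOR_ALL + pad(OPERATOR) + pad("1");
const REVOKE = "0x" + SET_APPROVAL_FOR_ALL + pad(OPERATOR) + pad("0");
// 0xa9059cbb is ERC-20 transfer(address,uint256), used here as a non-approval call.
const TRANSFER = "0xa9059cbb" + pad(OPERATOR) + pad("de0b6b3a7640000");

for (const [name, data] of [["grant", GRANT], ["revoke", REVOKE], ["transfer", TRANSFER]]) {
  console.log(name, classifyCalldata(data));
}
```

A `grant-all` or `malformed-approval` result on a request that originates from a minting or registration page is the case to stop and verify the operator address out of band.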
CertiK stated that attacks such as these exploit the centralization issues and single points of failure that come with web3 projects’ reliance on web2 infrastructure. There has been a marked increase in attackers targeting other official accounts, such as those on social media platforms, to conduct exploits.
According to CertiK experts, to prevent this kind of incident, web3 projects should always build practices of decentralization around points that entail centralization risk and single points of failure.
The experts recommend requiring multiple signatures when granting access to accounts with privileged controls, and revoking access to these accounts after each use.