Premint NFT hack and the post-mortem you shouldn’t miss out on
The latest hack in the crypto space witnessed a heist of over $375k on the Premint NFT registration platform. The platform has since provided updates on the matter in the aftermath of the hacking.
The attacks on NFTs are becoming far more frequent.
Just another day at work
Co-ordinated hacks are becoming a prominent theme in the crypto world. The infiltrator “manipulated a file” on Premint which presented the users with a malicious wallet connection. Later, the platform had to take down the site for security reasons.
Ironically, Brenden Mulligan, Founder of Premint NFT, released new security updates for the platforms on 8 July. In his tweet, he had said,
“Today we made a lot of great security updates to PREMINT as a continuing effort to keep collectors safe.”
The platform, however, suffered an attack late on 16 July by a malicious actor.
This issue only affected users who connected a wallet via this dialog after midnight Pacific time.
Thanks to the incredible web3 community spreading warnings, a relatively small number of users fell for this.
We took the site down early this morning to fix the issue. pic.twitter.com/Wq9FyRtIMl
— PREMINT | NFT Access List Tool (@PREMINT_NFT) July 17, 2022
The site was back up the following day after the attack. Additionally, the platform could flag four accounts in all that could be suspected of stealing from Premint.
In fact, Premint also introduced a new security feature after the hack. According to the new security update, users wouldn’t be needing wallets when logging back into Premint.
Once the Twitter and Discord accounts are connected to the wallets, users can log in easily afterward.
Hear it from the experts
Cyber security expert Simona stated her opinion on user account safety in the aftermath of the attack. She suggested users to follow the step-by-step process to ensure safe passage and avoid such malicious attacks. Simona further alerted users, stating,
“ If you see a wallet ID as a spender of an NFT like the one in the picture (not OpenSea or a marketplace contract) that is probably a scammer wallet that can withdraw your NFTs.”
Cybersecurity measures continue to fail in the crypto industry as hackers are able to manage heists after heists.
Although this attack happens to be a relatively small one as compared to $100 million stolen in the Harmony Bridge attack, the need for proper measures in place remains constant.
And, the need for rigid security measures is becoming crucial now more than ever.