300+ NFTs were stolen, as well as $400K in Ethereum

One of 2022’s largest attacks is when hackers penetrated the famous NFT certification portal Premint last Sunday and walked off with 320 seized NFTs and around  $400,000 in financial benefit.

As per CertiK, the blockchain consulting company, hackers used fake Javascript codes to infiltrate the Premint site on Sunday. They immediately added a pop-up on the site which asked visitors to confirm their wallet possession, presumably as a further security step.

Multiple people recognized this pop-up was fraudulent and turned to Twitter or Discord to urge everyone else not to execute its guidelines. Nonetheless, the attackers already had fooled many Premint clients within seconds.

The stolen NFTs were from renowned collections such as Goblintown, Moonbirds Oddities, and Otherside. After obtaining those NFTs, the thieves quickly began selling them on platforms such as OpenSea; a robbed Bored Ape sold for 89 ETH, about $132,000.

The monies were subsequently transferred to Tornado Cash, the platform that combines and blends the bitcoin inputs of multiple users, essentially erasing the digital footprint generally left with cryptocurrency operations. Cyber attackers routinely employ mixing programs such as Tornado Cash for cleaning stolen virtual assets.

What was Premint’s reaction?

Premint went on Twitter yesterday to admit the intrusion and reassure customers that its bulk of profiles was untouched. They stated that a few people suffered from this because of the fantastic web3 group circulating alerts.

Nevertheless, several Premint customers observed that the hijacked website remained up for around ten hours once hackers originally penetrated it on Sunday. Some lamented the theft of their virtual goods and inquired if Premint would reimburse the worth of the hijacked NFTs back to their wallets.

Premint has subsequently begun compiling information throughout all NFTs taken in the breach.

The attack is just the newest fraud to hit the NFT business, which produced $25 in annual sales. A hijacking fraud on OpenSea took almost $1.7 million in NFTs back in February. A cyberattack on Bored Ape’s Instagram profile resulted in April’s $2.8 million NFT heist. This month, artist Seth Green spent nearly $300,000 to retrieve a seized Bored Ape’s NFT that he intended to use as the focus of a new tv show.

Given the considerable wealth pouring into the NFT market, the safety of such assets, particularly when linked to centralized corporations such as Premint, is a persistent concern.