Premint Hack: One of 2022’s Biggest Breaches: Over 300 NFTs Stolen, Resold for $400,000

Premint, a platform for NFT registration, is now in a precarious position as a result of hackers breaking into its system over the weekend. The hacker(s) stole 320 NFTs in total, resold them on NFT marketplaces like OpenSea, and made $400,000 (approximately Rs. 3.20 crore) in 275 ETH tokens in the process. One of the largest hacks the blockchain industry has seen so far in 2022 is the compromise of the Premint systems.

A malicious JavaScript code was introduced by the attacker(s) to the Premint website. Then, pretending to be an additional security step, they designed a pop-up to appear on the website and ask users to confirm their wallet ownership. According to blockchain security company CertiK’s conclusions about this hack, multiple Premint users were duped by this pop-up within minutes.

According to a Decrypt report, the hacker(s) were able to obtain pricey NFTs from well-known digital collectibles series such as Bored Ape Yacht Club (BAYC), Otherside, Moonbirds Oddities, and Goblintown.

After being passed from the TornadoCash crypto mixer, the 275 Ether tokens that the hacker(s) obtained by flipping these stolen NFTs were subsequently wired into unidentified wallets. These privacy solutions enable full anonymous cryptocurrency transfers between two wallets by eliminating any digital signatures connected to a trade.

According to a research by Chainalysis, approximately $1.7 billion (about Rs. 13,210 crore) in digital assets have been stolen by cybercriminals thus far in 2022, with Decentralized Finance (DeFi) protocols accounting for 97% of the total.

The main sources of the loot were the $320 million (approximately Rs. 2,486 crore) Wormhole attack in February and the $600 million (about Rs. 4,660 crore) Ronin bridge breach in late March.

OpenSea also had a phishing assault in February and lost $1.7 million as a result (roughly Rs. 12.5 crore).

Blockchain research company Chainalysis has established a hotline to receive reports of attempted crypto hacks in an effort to reduce the risks involved. If organisations get questionable crypto payment requests from unidentified parties, they should contact this hotline.

Source Link

Spread the love

Leave a Reply

Your email address will not be published.