Following on from the Uniswap phishing attack, on July 17th, PREMINT became the latest Web3 service provider to fall victim to a hacking campaign.
What Is PREMINT?
PREMINT is a service which is used by the top NFT artists in the world to build access lists (Whitelists) and to randomly select the collectors and community members to win a spot. 800,000 collectors have joined lists without spending any gas.
The Hack, What Happened?
In the early hours of Sunday morning, PREMINT urgently Tweeted “please do not sign any transactions that say set approvals for all”. Unfortunately, many people did not see this warning and have had the content of their wallets drained. By signing the contract and giving token approval, the targeted user was essentially granting permission to the hacker to move (steal) their NFTs.
PREMINT states that a “file was manipulated on PREMINT by an unknown third party that led to users being presented with a wallet connection that was malicious”.
Just after the hack began, many people took to Twitter and put out warnings in an attempt to caution other NFT users from signing the malicious transaction contract. Thanks to the “incredible Web3 community” spreading the warning so quickly, only a “relatively small number of users fell for this”. PREMINT had to take their site down immediately to fix the issue and implement some additional security measures.
Earlier today, PREMINT Tweeted that the website is now safe to log back into. However, not long after, they stated that they are continuing to “dig into this incident”, suggesting that the case is not closed yet. To be safe, for now, only log into PREMINT if you absolutely have to.
How To Check If You Were Affected?
To check if your wallet has been compromised, simply go to Etherscan and check your wallet’s history. If you see a Set Approval transaction or function anywhere, it means that you have signed a malicious contract which sets approvals for all transactions. In your transaction history, you will also notice any transactions that you did not make yourself, which is another sign that your wallet has been compromised. If this has affected you, then please revoke this approval as soon as possible by following these steps.
How To Stay Safe?
As you’ve probably heard time and time again, a great way to stay safe is by using a burner wallet when signing any unfamiliar contracts or minting an NFT. Only keep the minimum amount of ETH that you need in your burner wallet and do not store valuable NFTs in there. That way, if your wallet is compromised, your assets will remain safe (hopefully they’re on a Ledger). In addition, you should never blindsign contracts.
What To Do If You Were Affected?
“If you were affected by the incident on PREMINT”, please add your details here. It is unclear what PREMINT is going to do to compensate those affected, but it appears that they are taking steps to refund or compensate users.
As you can imagine, there has been a serious uproar from the community. Those that have had their valuable assets stolen are bitter, and for a good reason. By browsing through the comments sections, we can see many opinions, as always.
How PREMINT responds to this incident will surely impact its reputation. Unfortunately, PREMINT is only the latest victim. Just recently, Uniswap and DeeKay were both targeted by scammers, resulting in huge losses.
With NFT scams becoming more advanced, it is more important than ever to do your own due diligence, exercise caution, and double check everything. Stay safe out there!