All investment / financial opinions expressed by NFTevening.com are not recommendations.
This article is educational material.
As always, do your own research before making any kind of investment.
PREMINT HACKED: Do not click on any links!
Early this morning, July 17, attackers hacked the NFT service provider PREMINT’s website. Do not click on any links or sign any transactions on the site. While some users have reported that attackers stole their NFTs, we do not yet know the full extent of the damage. At the time of writing, PREMINT’s website was up and running and the team had not yet confirmed whether they had gained access to the website again. Let’s take a look at what we know so far about the PREMINT hack.
PREMINT hack: What happened?
This morning, many took to Twitter to issue warnings about PREMINT’s hack, and warned users against making any transactions on the project’s website. For the uninitiated, PREMINT is an NFT service provider that lets top NFT artists build access lists and raffles for community members.
“Please do not sign any transactions that say permanent approvals for everyone!” PREMINT tweeted. The project added that they are currently looking at reports.
By giving token approval, you are essentially giving the hacker permission to move your NFTs, without you signing anything again. However, you can revoke this approval.
To check if your wallet was compromised in the PREMINT hack, go to Etherscan and check your wallet history. If you notice a Set Authentication feature anywhere, it means that you signed a “set of approvals for all” transaction. In your history, you will also be able to see all transactions you did not make yourself – a clear sign that your wallet was compromised.
What to do if your wallet was compromised
If your wallet was compromised, you can do the following:
- Go to revoke.cash or etherscan.io/tokenapprovalchecker to revoke the permit. Here you can revoke access to each NFT that was approved by clicking the “Cancel” button. Once recalled, go to Etherscan. Under logs, if the data part says “False”, it means that you have revoked your approvals.
- Alternatively, you can move all your belongings to another wallet until further notice.
Ultimately, it is always safer to use one crypto burner wallet to avoid situations like this. Essentially, a burner wallet is a temporary crypto wallet that you only use to create NFTs or make dApp transactions. This wallet will only have the minimum amount you need to make an NFT or pay for gas. This way, even if someone hacks your burner wallet, your primary assets will remain safe.
PREMINT hack is not the first this week
Since last year, there has been a significant increase in NFT hack, with PREMINT as the latest victim. Early today we reported that a hacker targeted NFT Artist DeeKay’s Twitter Account on Friday. The hack allegedly resulted in a loss of $ 150,000 in NFTs.
With NFT scams on the rise, it’s now more important than ever to be extra careful when approving transactions. Always double check the authenticity of any NFT drops, even if they come from a verified account.
