People are also interested: How to sign up for FTX is the simplest for beginners
Non-fungible token (NFT) influencer Zeneca and NFT registration platform PREMINT are the most recent targets of NFT Hackers‘ attempts against the NFT community.
Zeneca‘s social media accounts were compromised on late Tuesday and linked to a fake Airdrop for the influencer’s “Zen Academy Founders Pass,” tricking users into connecting their wallets.
“Hey everyone wanted to try and do something special for the community so here I go!” Zeneca’s compromised Twitter account had posted. “I would love to announce the official release of the Zen Academy Founders Pass airdrop. there’ll be 333 of those passes to begin off. The lucky few that manage to induce one.”
Soon after the tweet was sent, Twitter’s head of consumer product marketing Justin Tayler confirmed that the account had been hacked and locked it down.
.@Zeneca_33 has been hacked, but is now locked down.
Will be getting him access back soon
— Justin Taylor (@TheSmarmyBum) July 19, 2022
Zeneca, who has since gotten access to his account back, claims he has no idea of how the hack befell. during a Twitter thread, he said he had two-factor authentication (2FA) enabled using Google Authenticator, and even speculated that this might be an internal job.
Web3 security analyst Serpent also asked Tayler to try to to an indoor investigation, saying that “way too many status accounts (with authenticator 2FA) are getting hacked recently.”
@JRNYclub @nounsdao @DuppiesNFT @frankdegods @franklinisbored @jenkinsthevalet @DegenTownNFT
— Serpent (@Serpent) July 19, 2022
The NFT hackers came shortly after the Bored Ape order creator Yuga Labs warned the NFT community in an exceedingly Monday tweet about “a persistent threat group that targets the NFT community.”
“We believe that they will soon be launching a coordinated attack targeting multiple communities via compromised social media accounts. Please be vigilant and stay safe,” the official Twitter account of Yuga Labs said.
Meanwhile, during a separate incident, NFT registration platform PREMINT suffered a program July 17, resulting in total losses of around USD 430,000 for users who clicked on a malicious link.
PREMINT confirmed the hack during a Twitter thread, detailing that the “issue only affected users who connected a wallet via this dialog after midnight PST.”
According to a security analysis report from Certik, the NFT hackers compromised PREMINT’s website by uploading a malicious JS file to the location. Unsuspecting users who clicked on the link were asked to sign a transaction that will give the NFT hackers access to steal their NFTs.
Certik has discovered six Ethereum (ETH) addresses directly related to the attack, with approximately ETH 275 (USD 430,330) stolen in NFTs.
On July 18, the platform announced that users not need their wallets when logging into PREMINT. Instead, Twitter or Discord accounts may be used.
We're continuing to dig into this incident, but a reminder:
❌ You will never, EVER be asked to approve ANY KIND OF transaction on PREMINT.
✍️ When connecting a wallet, you'll be asked to *sign* a message, but there will NEVER be a gas fee or anything resembling a transaction.
— PREMINT | NFT Access List Tool (@PREMINT_NFT) July 18, 2022
Later within the afternoon on Wednesday (UTC time), PREMINT said they’re going to be going live to share “big news about our security incident and next steps.”
