Yuga Labs warns of ‚persistent threat group‘ targeting NFT holders
The warning comes only days after hackers compromised the website of Premint NFT, making off with more than 300 NFTs and $375,000 of Ethereum.
Bored Ape Yacht Club (BAYC) creator Yuga Labs has warned there may soon be a “coordinated attack” targeting multiple non-fungible token (NFT) communities.
The NFT company told its Twitter followers on July 19 that its security team has been tracking a “persistent threat group” targeting the NFT community through compromised social media accounts, urging followers to be on the lookout.
Our security team has been tracking a persistent threat group that targets the NFT community. We believe that they may soon be launching a coordinated attack targeting multiple communities via compromised social media accounts. Please be vigilant and stay safe.
— Yuga Labs (@yugalabs) July 18, 2022
This isn’t the first time the company has warned its community of a possible social media-led attack by hackers.
Not the first, not the last
In June, Gordon Goner, pseudonymous co-founder of Yuga Labs, issued a warning of a possible incoming attack on its Twitter social media accounts.
Soon after the warning, Twitter officials began monitoring activity on the accounts and fortified their existing security. Goner told investors that the company would never conduct surprise mints, a popular method attackers use to lure victims.
The month also saw two official Discord groups linked to BAYC and OtherSide NFTs were compromised, allowing scammers to share various phishing links into the official BAYC, Mutant Ape Yacht Club, and OtherSide groups on discord.
Cointelegraph asked Yuga Labs for more details about the “persistent threat group” and the potential attack but did not receive an immediate response.
Premint NFT website hacked
Yuga Labs‘ new warning comes only days after threat actors hacked popular NFT platform Premint NFT, stealing approximately 314 NFTs and $375,000 in Ethereum (ETH), making it one of the largest NFT hacks in 2022.
Premint is an NFT whitelisting service that helps NFT artists access a large number of verified NFT collectors quickly, whitelisting them for new NFT projects. The NFT services platform touts more than 12,000 NFT projects and a database of more than 2.4 million collectors.
According to blockchain security firm Certik, the thefts occurred on Sunday after hackers inserted malicious code into Premint’s website.
The code created a pop-up that prompted users to verify their wallet ownership but instead gave hackers the permissions necessary for them to transfer NFTs from their victim’s wallets.
Related: NFT, DeFi and crypto hacks abound — Here’s how to double up on wallet security
Six wallets have been identified as falling victim to the attack, containing NFTs, including Bored Ape Yacht Club, Otherside, Oddities, and Goblintown.
Premint said it would continue to “dig into the incident” and reminded users that they would never be asked to sign any kind of transaction on the platform.
We’re continuing to dig into this incident, but a reminder:
❌ You will never, EVER be asked to approve ANY KIND OF transaction on PREMINT.
✍️ When connecting a wallet, you’ll be asked to *sign* a message, but there will NEVER be a gas fee or anything resembling a transaction.
— PREMINT | NFT Access List Tool (@PREMINT_NFT) July 18, 2022
The platform has also changed in light of the attack, allowing users to log in without their wallets — which they claim will be safer and more convenient.