Yuga Labs warns of ‚persistent threat group‘ targeting NFT holders

0

The warning comes only days after hackers compromised the website of Premint NFT, making off with more than 300 NFTs and $375,000 of Ethereum.

Bored Ape Yacht Club (BAYC) creator Yuga Labs has warned there may soon be a “coordinated attack” targeting multiple non-fungible token (NFT) communities.

The NFT company told its Twitter followers on July 19 that its security team has been tracking a “persistent threat group” targeting the NFT community through compromised social media accounts, urging followers to be on the lookout.

This isn’t the first time the company has warned its community of a possible social media-led attack by hackers.

Not the first, not the last

In June, Gordon Goner, pseudonymous co-founder of Yuga Labs, issued a warning of a possible incoming attack on its Twitter social media accounts.

Soon after the warning, Twitter officials began monitoring activity on the accounts and fortified their existing security. Goner told investors that the company would never conduct surprise mints, a popular method attackers use to lure victims.

The month also saw two official Discord groups linked to BAYC and OtherSide NFTs were compromised, allowing scammers to share various phishing links into the official BAYC, Mutant Ape Yacht Club, and OtherSide groups on discord.

Cointelegraph asked Yuga Labs for more details about the “persistent threat group” and the potential attack but did not receive an immediate response.

Premint NFT website hacked

Yuga Labs‘ new warning comes only days after threat actors hacked popular NFT platform Premint NFT, stealing approximately 314 NFTs and $375,000 in Ethereum (ETH), making it one of the largest NFT hacks in 2022.

Premint is an NFT whitelisting service that helps NFT artists access a large number of verified NFT collectors quickly, whitelisting them for new NFT projects. The NFT services platform touts more than 12,000 NFT projects and a database of more than 2.4 million collectors.

According to blockchain security firm Certik, the thefts occurred on Sunday after hackers inserted malicious code into Premint’s website.

The code created a pop-up that prompted users to verify their wallet ownership but instead gave hackers the permissions necessary for them to transfer NFTs from their victim’s wallets.

Related: NFT, DeFi and crypto hacks abound — Here’s how to double up on wallet security

Six wallets have been identified as falling victim to the attack, containing NFTs, including Bored Ape Yacht Club, Otherside, Oddities, and Goblintown.

Premint said it would continue to “dig into the incident” and reminded users that they would never be asked to sign any kind of transaction on the platform.

The platform has also changed in light of the attack, allowing users to log in without their wallets — which they claim will be safer and more convenient.

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert

Bitte geben Sie den Coingecko Free Api Key ein, damit dieses Plugin funktioniert

Subscribe To The Latest Crypto News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.