Premint, an art foundry platform, suffered a malicious attack yesterday (17) at around 4pm Beijing time. Premint officials said that an unknown third party implanted files, causing users to lose assets. At that time, the website was temporarily closed to avoid further damage, and the website has been reopened at the deadline.
According to Certik, the site’s front-end premint.xyz was hacked with a malicious JavaScript phishing file that misled users into using a license contract linked to the official website. NFTS and stolen money were transferred to six wallet addresses.
It includes a variety of blue-chip NFTS such as Bored Ape Yacht Club, Otherside, Oddities and goblintown.wtf.
According to the Slow Fog tweet, about 300 NFTS were stolen by the hackers, and the criminals made at least 280ETH after selling some of them. However, as the news spread quickly, the criminals sold the stolen goods through Opensea and other platforms, and other transactions have failed.
After the incident, the Premint official post reminded users that no transaction can be accessed to the official Premint website. Premint will not require any transaction access. Please be careful not to authorize any unknown transaction.
The affected users are also being investigated, and if anything unusual is found, the authorities have set up a questionnaire to collect the addresses of the victims to clarify the situation, not to rule out that the victims may be more widespread than thought.