Yuga Labs says 'Persistent Threat Group' Targeting Holders of NFT

Yuga Labs warning comes just days after hackers infiltrated the Premint NFT website and stole more than 300 NFTs and $375,000 in Ethereum.

Several non-fungible token (NFT) communities may soon be the subject of an “organized attack,” according to Bored Ape Yacht Club (BAYC) developer Yuga Labs.

Contents

Yuga Labs warning comes just days after hackers infiltrated the Premint NFT website and stole more than 300 NFTs and $375,000 in Ethereum.Not first time, not last time Premint NFT website hacked

On July 19, the NFT company informed its Twitter followers that a “persistent threat organization” had been identified that was using hacked social media accounts to target the NFT community. The company urged followers to be vigilant.

Our security team has been tracking a persistent threat group that targets the NFT community. We believe that they may soon be launching a coordinated attack targeting multiple communities via compromised social media accounts. Please be vigilant and stay safe.
— Yuga Labs (@yugalabs) July 18, 2022

The business has already alerted its community about the possibility of a hacking assault using social media.

Not first time, not last time

Gordon Goner, a co-founder of Yuga Labs who goes by the alias Gordon, forewarned the company in June of a potential oncoming attack on its Twitter social media accounts.

Soon after the alert, Twitter representatives started keeping an eye on what was happening with the accounts and strengthened their security. Goner assured investors that the business would never engage in surprise mints, a common tactic used by attackers to seduce victims.

Two official Discord groups connected to BAYC and OtherSide NFTs were also compromised during the month, giving con artists access to the official BAYC, Mutant Ape Yacht Club, and OtherSide Discord groups.

Premint NFT website hacked

A few days have passed after threat actors broke into the well-known NFT platform Premint NFT and stole about 314 NFTs and $375,000 in Ethereum (ETH), making it one of the biggest NFT hacks of 2022.

An NFT whitelisting tool called Premint enables NFT artists to swiftly gain access to a large number of verified NFT collectors and add them to a whitelist for new NFT projects. The NFT services platform boasts a database of more than 2.4 million collectors and more than 12,000 NFT projects.

The thefts allegedly took place on Sunday as a result of hackers injecting malicious code onto Premint’s website, according to blockchain security company Certik.

Instead of requesting users to confirm their wallet ownership, the code instead granted hackers the rights they needed to transfer NFTs from the wallets of its victims.

The attack has been traced to six wallets that included NFTs, including Goblintown, Otherside, Bored Ape Yacht Club, and Otherside.

Users were warned that Premint would never ask them to sign any kind of transaction and that the company would “look into the matter.”

We're continuing to dig into this incident, but a reminder:

❌ You will never, EVER be asked to approve ANY KIND OF transaction on PREMINT.

✍️ When connecting a wallet, you'll be asked to *sign* a message, but there will NEVER be a gas fee or anything resembling a transaction.
— PREMINT (@premint) July 18, 2022

In response to the incident, the site has also been altered, enabling users to log in without their wallets, which they claim will be safer and more practical.