Early morning today, July 17, attackers hacked NFT service provider PREMINT’s website. While some users have reported that attackers stole their NFTs, we don’t yet know the full extent of the damage. At the time of writing, PREMINT’s website was up and running and the team had not yet confirmed if they had regained access to the website. Let’s take a look at what we know so far about the PREMINT hack.
PREMINT hack: What happened?
Today morning, many took to Twitter to issue warnings about PREMINT’s hack, cautioning users against making any transactions on the project’s website. For the uninitiated, PREMINT is an NFT service provider that allows top NFT artists to build access lists and raffles for community members.
“Please do not sign any transactions that say set approvals for all!” PREMINT Tweeted. The project added that they are currently looking into reports.
By giving token approval, you are essentially giving the hacker approval to move your NFTs, without you signing anything again. However, you can revoke this approval.
To check if your wallet was compromised in the PREMINT hack, go to Etherscan and check your wallet’s history. If you notice a Set Approval function anywhere, it means that you signed a ‘set approvals for all’ transaction. In your history, you will also be able to see any transactions that you didn’t do yourself—a clear sign that your wallet was compromised.
What to do if your wallet was compromised
If your wallet was compromised, here’s what you can do:
- Go to revoke.cash or etherscan.io/tokenapprovalchecker to revoke permission. Here, you can revoke access to each NFT that was approved by clicking the ‘Revoke’ button. Once revoked, go to Etherscan. Under logs, if the data section says “False”, it means that you have revoked your approvals.
- Alternatively, you can move all your assets to a different wallet for the time being.
Ultimately, it’s always safer to use a crypto burner wallet to avoid situations like this. Essentially, a burner wallet is a temporary crypto wallet that you use purely for minting NFTs or making any dApp transactions. This wallet will only have the minimum amount you need to mint an NFT or pay for gas. This way, even if someone hacks your burner wallet, your primary assets will remain safe.
PREMINT hack is not the first this week
Since last year, there has been a significant increase in NFT hacks, with PREMINT being the latest victim. Early today, we reported that a hacker targeted NFT Artist DeeKay’s Twitter account on Friday. Reportedly, the hack resulted in losses amounting to $150,000 in NFTs.
With NFT scams on the rise, it is now more important than ever to be extra cautious while approving any transactions. Always double-check the authenticity of any NFT drops, even if it comes from a verified account.