Influencer Zeneca and Platform PREMINT Duped by NFT Hackers

Users were duped into linking their wallets by a phony airdrop for the influencer's "Zen Academy Founders Pass" tied to Zeneca's social media pages late on Tuesday.

Attacks on the non-fungible token (NFT) community’s most recent targets include NFT influencer Zeneca and NFT registration service PREMINT.

Users were duped into linking their wallets by a phony airdrop for the influencer’s “Zen Academy Founders Pass” tied to Zeneca’s social media pages late on Tuesday.

Everyone wants to be doing something special for the neighborhood, so I’m doing it now. The hijacked Twitter account for Zeneca had been published. “I want to let you know that the airdrop for the Zen Academy Founders Pass is now officially available. There will initially be 333 of these passes. the fortunate few who can obtain one.”


Twitter Reacts Quickly

Twitter’s head of consumer product marketing Justin Tayler quickly after the post was sent, confirmed that the account was hacked and shut it down.

Zeneca, who has subsequently regained access to his account, asserts that he is unaware of the details of the attack. He claimed to have two-factor authentication (2FA) enabled using Google Authenticator in a Twitter conversation and even suggested that this might be an inside job.

Tayler was also asked to conduct an internal inquiry by Web3 security analyst Serpent, who claimed that “far too many high profile identities (with authenticator 2FA) had been hacked recently.”

The attack happened shortly after Yuga Labs, the company that created the Bored Ape Yacht Club, tweeted on Monday to warn the NFT community about “a persistent threat organization that targets the NFT community.”

“We predict they will soon use compromised social media accounts to undertake a coordinated attack against several communities. Please exercise caution and remain safe, “Yuga Labs’ official Twitter account stated.

In a related incident, the NFT registration platform PREMINT was breached on July 17, causing users who clicked on a malicious link to lose a total of about USD 430,000.

In a discussion on Twitter, PREMINT acknowledged the attack and stated that “the vulnerability only affected customers who connected a wallet using this dialog after midnight Pacific time.”

A malicious JS file was uploaded to the PREMINT website by the hacker, according to a security analysis report by Certik. Unaware users were prompted to sign a transaction after clicking the link, giving the hacker access to their NFTs.

Six Ethereum (ETH) addresses directly connected to the assault have been found by Certik, and about ETH 275 (or $ 430,330) was taken in NFTs.

The site announced on July 18 that when logging back into PREMINT, users no longer require their wallets. Instead, you might utilize your Twitter or Discord accounts.

PREMINT announced they will go live on Wednesday (UTC) to provide “important news about our security incident and next moves.”

Comments are closed, but trackbacks and pingbacks are open.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More