The PREMINT website was compromised, users need to remove approvals

PREMINT – a webservice for NFT creators, aiding them in building access lists and raffles for their communities, reported its website was breached by a malicious party forcing users to approve all transactions. Ultimately this would allow the attackers to move any NFTs held by users whose wallets are compromised. The platform urged its community members to check whether their wallet has been compromised in the PREMINT hack on Etherscan by taking a look at its transaction history and checking for any unaccounted transactions including the “Set Approval” function.

Once the attack was discovered on Sunday, July 17, the PREMINT team took the website down to impose additional security measures. In the meantime, they started gathering information regarding the incident and asked any affected users to fill a form with their details.

If you were affected by the incident on PREMINT today, please add your wallet here: https://t.co/gvNiOyD24M

— PREMINT | NFT Access List Tool (@PREMINT_NFT) July 17, 2022

PREMINT stated that the issue affected users who connected to the website after midnight Pacific time on Sunday, and was a result of a file that was manipulated to present users with a malicious wallet connection. As part of the security measures put in place to prevent such incidents in the future, the PREMINT team announced users will no longer need their wallet to log back into the app, as that will be possible through their Twitter or Discord account, provided they are connected to their PREMINT account, via their profile menu.

NFT Share This Article