Hackers Target Zeneca and PREMINT

Hacking attempts against the non-fungible token (NFT) community have recently focused on the influencer Zeneca and the NFT registration site PREMINT.

Late on Tuesday night, Zeneca’s social media accounts were hacked, and they were linked to a fraudulent airdrop for the influencer’s “Zen Academy Founders Pass.” This tricked followers into connecting their wallets to receive free cryptocurrency.

“Hey everyone wanted to do something special for the community so here I go!” Zeneca’s compromised Twitter account had posted. “I would like to announce the official release of the Zen Academy Founders Pass airdrop. There will be 333 of these passes to start off. The lucky few that manage to get one.”

Shortly after the message was posted, the head of consumer product marketing for Twitter, Justin Tayler, acknowledged that the account had been hacked and then disabled it.

Zeneca, who has subsequently regained access to his account, asserts that he is clueless on the manner in which his account was hacked. In a post on Twitter, he stated that he had two-factor authentication (also known as 2FA) enabled using Google Authenticator and even went so far as to assume that this may have been an inside job.

An internal probe was also requested by Web3 security analyst Serpent, who stated that “far too many high profile accounts (with authenticator 2FA) have been getting hacked recently.”

The breach occurred not long after the developer of the Bored Ape Yacht Club, Yuga Labs, issued a warning to the NFT community through Twitter on Monday about “a persistent threat group that targets the NFT community.”

Advertisement

The NFT registration platform PREMINT was hacked on July 17, resulting in total losses of about USD 430,000 for users who clicked on a fraudulent link. Meanwhile, in a separate incident, the NFT registration site PREMINT was hacked.

In a thread on Twitter, PREMINT verified the attack and explained that the “issue only affected users who connected a wallet via this dialog after midnight Pacific time.”

The website of PREMINT was hacked, as stated in a report on the website’s security that was analyzed by Certik. The hacker penetrated the website by uploading a malicious JS file to the website. Users who did not realize what was happening to them were asked to sign a transaction that would grant the hacker access to steal their NFTs when they clicked on the link.

Certik has found six Ethereum (ETH) addresses that are directly involved with the assault, and estimates that about 275 ETH, or 430,330 USD, was taken in the form of NFTs.

The site made an announcement on July 18 stating that users would no longer require their wallets in order to log back into PREMINT. Instead, accounts on Twitter or Discord might be utilized.

PREMINT announced that they will be going live later on Wednesday afternoon (UTC time) to provide “big news about our security incident and next steps.”

Advertisement