A hacker stole $375,000 from users of Premint NFT platform

Quick Take

  • A hacker stole 314 NFTs after injecting malicious code on Premint’s website.
  • The stolen NFTs were sold for roughly $375,000.

On Sunday, a hacker compromised the official website of an NFT whitelisting platform called Premint to steal $375,000 worth of NFTs.

According to security firm CertiK, a black hat hacker injected a malicious piece of JavaScript code on premint.xyz, instructing users to sign a malicious transaction through a wallet pop-up. A total of six users signed the code, giving the hacker full control to spend funds.

"Last night, a file was manipulated on PREMINT by an unknown third party that led to users being presented with a wallet connection that was malicious," the Premint team stated.

Before the exploit could be discovered, the hacker was able to steal 314 different NFTs. These included NFTs from collections like Bored Ape Yacht Club, Otherside, Moonbirds Oddities, and Goblintown.

The stolen assets were sold for 270 ETH ($375,000) around 07:30 a.m. ET on Sunday. The hacker transferred the proceeds to this address and routed them through Tornado Cash, a popular transaction mixer on the Ethereum network.


Keep up with the latest news, trends, charts and views on crypto and DeFi with a new biweekly newsletter from The Block's Frank Chaparro

By signing-up you agree to our Terms of Service and Privacy Policy
By signing-up you agree to our Terms of Service and Privacy Policy

The exploit continues the growing trend of hackers leveraging vulnerabilities in traditional web infrastructure to carry out security exploits on web3 projects.

Last month, hackers exploited websites operated by decentralized finance projects Ribbon Finance and Convex Finance to execute phishing attacks. In other incidents, Discord servers, Twitter and Instagram accounts have been exploited to circulate phishing links aimed at stealing cryptocurrency and NFTs. 

“It’s clear from this that the web3 ecosystem needs to take into account the interconnects with web2 technologies, particularly at points where its reliance on them becomes a vulnerability,” a spokesperson for CertiK told The Block.

© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

About Author

Vishal Chawla is The Block’s crypto ecosystems editor and has spent over six years covering tech protocols, cybersecurity, artificial intelligence and cloud computing. Vishal likes to delve deep into blockchain intricacies to ensure readers are well-informed about the continuously evolving crypto landscape. He is also a staunch advocate for rigorous security practices in the space. Before joining The Block, Vishal held positions at IDG ComputerWorld, CIO, and Crypto Briefing. He can be reached on Twitter at @vishal4c and via email at [email protected]