This warning comes just a few days after hackers broke into the Premint NFT website and stole more than 300 NFTs and $375,000 in Ethereum.
Yuga Labs, the company that made the Bored Ape Yacht Club (BAYC), has warned that there may soon be a “coordinated attack” on several non-fungible token (NFT) communities.
The NFT company told its Twitter followers on July 19 that its security team has been tracking a “persistent threat group” that is targeting the NFT community through compromised social media accounts. The company asked its followers to be on the lookout.
This isn’t the first time the company has warned its customers about a possible hacker attack led by social media.
It’s neither the first nor the last.
Gordon Goner, a fake name for the co-founder of Yuga Labs, warned in June that the company’s Twitter accounts might be attacked.
Soon after the warning, Twitter started keeping an eye on what was going on with the accounts and made their security even stronger. Goner told investors that the company would never do surprise mints, which are a common way for attackers to catch people.
This month, two official Discord groups linked to BAYC and OtherSide NFTs were hacked. This gave scammers access to the official BAYC, Mutant Ape Yacht Club, and OtherSide Discord groups, where they could share phishing links.
Cointelegraph asked Yuga Labs for more information about the “persistent threat group” and the possible attack, but they didn’t answer right away.
Premint NFT site was hacked
The new warning from Yuga Labs comes just days after hackers broke into the popular NFT platform Premint NFT and stole about 314 NFTs and $375,000 in Ethereum (ETH). This was one of the biggest NFT hacks of 2022.
Premint is a service for whitelisting NFT collectors that makes it easy for NFT artists to get in touch with a large number of verified NFT collectors and add them to their whitelist for new NFT projects. The NFT services platform has a database of more than 2.4 million collectors and more than 12,000 NFT projects.
Blockchain security company Certik says that the thefts happened on Sunday after hackers put bad code on Premint’s website.
The code made a pop-up that asked users to prove that they owned their wallets, but it actually gave hackers the permissions they needed to move NFTs out of their victims’ wallets.
Six wallets with NFTs, like Bored Ape Yacht Club, Otherside, Oddities, and Goblintown, have been found to have been affected by the attack.
Premint said it would keep “digging into the incident” and reminded users that they would never be asked to sign anything on the platform.
Because of the attack, the platform has also changed. Now, users can sign in without their wallets, which they say will be safer and more convenient.