Yuga Labs, the development studio renowned for the popular Bored Apes Yacht Club (BAYC), warned that the NFT community is under attack. They have been tracking a persistent threat group that targets the NFT community.
Yuga developers believe that the attackers may soon launch a coordinated attack targeting multiple communities through compromised social media accounts. It urged users to be vigilant. This warning comes as millions of dollars worth of NFT exploits have occurred in the past few months. A Twitter user asked if Yuga could create a solution for vault wallets due to the high number of threats and attacks in the past. Josh Bobrowsky tweeted that given multiple threats, Yuga Labs should create a solution that doesn’t involve connecting the vault wallets to get participation metadata for high-value Otherside NFTs.
Over $375,000 worth of Ether and 314 NFTs were stolen from Premint NFT last weekend. An investigation by CertiK, a security firm, revealed a malicious JavaScript code planted by the hackers on the premint.xyz website. The code was designed to instruct users to set approvals for all when connecting their wallets to the site. As such, the attackers were able to gain access to all the assets in the users’ wallets. CertiK said the malicious file is no longer available due to the Domain Name Server no longer existing, but the effects of the attack are still visible on-chain. It pointed out that six externally owned accounts are directly associated with the attack – approximately 275 ETH stolen.
The security firm outlined that attackers exploit the centralization issues and single points of failure that come with crypto projects relying on centralized internet infrastructures. CertiK said such hacks are becoming increasingly popular, with a marked increase in attackers targeting other official accounts such as social media platforms to carry out such attacks. Moreover, the Bored Ape’s Instagram account and Discord server were exploited in April. An unofficial mint link was sent out to the followers, whereby users could mint land in the upcoming OutsideMeta.
