🚨 @PREMINT_NFT’s website is compromised.
What do I do? 🧵
1/ Goto revoke.cash or EverRise.com/EverRevoke and revoke all “set approval for all” and any crazy token allowances
2/ Move any NFT or Tokens you can’t afford to lose to a VAULT 🔒
3/ What do you mean by VAULT?
By VAULT I mean a cold storage wallet such as a @Ledger however this would never even be connected to MetaMask or any dApps. Strictly to send assets IN and OUT. Meaning no buying on @opensea or interacting with a staking contract!
4/ How could I have protected myself? This one is tough but the best thing you could’ve done is understand that the only place that truly should require “set approval for all” is @opensea or other NFT marketplaces.
🔎 Always check the website making the request as well
5/ Let’s talk about what went wrong with @PREMINT_NFT
- the file compromised on premint’s website is “boomerang.js”
- The LIKELY suspect is a third party dependency being compromised
- This allowed the hacker to download their script onto your computer and run it automatically
TL;DR/
🚨 @PREMINT_NFT Website compromised
⚠️ Always check where a “set approval for all” is coming from
🔒 Utilize a VAULT for your precious NFTs & Tokens
Next Twitter Space/
🎙Web3 Security Radio: Episode 7🎙
📝 Topics:
- Wallet Drainers
- Discord Cold Admins
- @PREMINT_NFT compromise
If you’d like to be a panelist shoot us a DM 🎙
#SpacesHost
twitter.com/i/spaces/1OdJr…
Share this Scrolly Tale with your friends.
A Scrolly Tale is a new way to read Twitter threads with a more visually immersive experience.
Discover more beautiful Scrolly Tales like this.