慢雾:黑客在 premint.xyz 网站中通过植入恶意的 JS 文件实施钓鱼攻击
链捕手消息,据慢雾区情报反馈,7 月 17 日 16:00,premint.xyz 遭遇黑客攻击,黑客在 premint.xyz 网站中通过植入恶意的 JS 文件来实施钓鱼攻击,欺骗户签名 setApprovalForAll(address,bool)的交易,从而盗取用户的 NFT 等资产。慢雾安全团队提醒用户,如果有使用 premint.xyz 平台请检查授权设置并及时取消恶意授权。
取消授权的工具:
1、https://etherscan.io/tokenapprovalchecker
2、https://revoke.cash/
恶意的 JS 文件:
https://s3-redwood-labs-premint-xyz.com/cdn.min.js?v=1658046560357
Related tags
ChainCatcher reminds readers to view blockchain rationally, enhance risk awareness, and be cautious of various virtual token issuances and speculations. All content on this site is solely market information or related party opinions, and does not constitute any form of investment advice. If you find sensitive information in the content, please click "Report", and we will handle it promptly.
Related tags
