A “clever” phishing attack that targeted RTFKT COO Nikhil Gopalani resulted in the loss of about $200,000 in NFTs from his wallet. Gopalani said in a tweet on Tuesday that he had lost his NFT collection—which contained Clone X NFTs and items from other collections—to a con artist in what appeared to be a phishing scam.
The very lucrative next-generation cryptocurrency company RTFKT, which is creating waves in the digital wearables market and collaborated on material with artist Takashi Murakami, was purchased by Nike in December 2021. However, in what appears to have been a phishing attack on Monday, Gopalani lost his enormous stash of NFTs to a con artist.
According to information from OpenSea, the attacker’s two wallets have stolen 19 CloneX NFTs ($138,000), 18 RTKFT Space Pods ($6,300), 17 Loot Pods ($6,200), 11 CryptoKicks ($3,000), 19 RTFKT Animus Eggs worth over ($20,000), and more from Gopalani’s wallet. One should note that these prices are ridiculously low estimates determined using the base rate for each collection, so Gopalani’s previous holdings, which included a rare Murakami CloneX, #17088, could fetch significantly higher prices. Sadly, only a Death Row Records NFT of the “Clone X Theme Song” valued at roughly $59 remains in the wallet that looks to be connected to Gopalani.
RTFKT CTO Samuel Cardillo declined to comment on specifics of the hack when questioned, citing “legal purposes.” However, he emphasized that companies like Apple and Microsoft will never call or email users and request their password, private key, or “any other forms of private information.”
“All I can say is: be aware that companies such as Microsoft, Apple, … will never ask you for your password, your private key nor any other forms of private information via phone nor emails.”
While many of the COO’s assets are still visible in the other attacker’s wallet, it currently looks like one of the attackers’ wallets is empty at the time of writing.
Although the specifics of the phishing attack remain unknown, Gopalani might have unintentionally divulged private information to a hacker acting as an Apple official, according to a response from RTFKT CTO Samuel Cardillo.
Cardillo denied a claim that his reply was “very corporate” and suggested that a legal inquiry might be in progress by tweeting that more information could not be provided because “a lawful agency” needed to be able to “do an investigation properly.”
Since his wallet was stolen a day ago, CloneX #17088, which continues to be Gopalani’s Twitter profile photo, has already been traded twice. The current owner of the NFT is the same person that runs the Twitter account called ‘lyx.eth’ and owns two additional CloneX NFTs.
A news outlet apparently got in touch with lyx.eth, where the account claimed that they had been searching to purchase an NFT similar to Gopalani’s for “almost half a year” and were not aware that they were purchasing the COO’s stolen NFT. Further, the account claims that RTFKT has already made contact in an effort to recover the stolen NFT.
In 2022, there was a significant increase in the number of scammers that targeted members of the NFT community, along with a significant surge in the number of DeFi attacks. One of the incidents that was an exploit that cost the well-known NFT collection Bored Ape Yacht Club (BAYC) ETH 200 in digital assets.