RTFKT COO Loses NFTs in Massive Hack

RTFKT COO Nikhil Gopalani said he was hacked by a “clever phisher” who stole his NFT collection.

RTFKT is a massively profitable next-generation crypto brand acquired by Nike in December 2021 that is making waves in the digital wearable space and has collaborated with artist Takashi Murakami to create content. In an apparent phishing attack Monday, Gopalani lost his massive treasure trove of NFTs to a scammer.

“Greetings, Clone X community— I was hacked by a clever phisher (same phone number as Apple ID) [who] sold all my Clone X / some other NFTs,” Gopalani tweeted.

“Obviously, I’m upset and hurt by this, and I haven’t been able to move much all day,” he added. “I hope the people who bought my clones like them (being optimistic).”

At the time of writing, the wallet associated with Gopalani had lost all of its NFTs except one: a Death Row Records NFT of the “Clone X Theme Song” worth around $59. Etherscan reveals that only $0.11 of ETH is still in the wallet.

According to OpenSea data, the attacker used two wallets to steal more than $173,000 in NFTs from Gopalani’s wallet, including 19 CloneX NFTs worth more than $138,000, 18 RTKFT Space Pods (over $6,300 total), 17 Loot Pods ($6,200), 11 CryptoKicks ($3,000), 19 RTFKT Animus Eggs ($20,200), and more.

Advertisement

It’s worth noting that these are lowball estimates based on the floor price of each collection, so Gopalani’s previous holdings—which included a sought-after Murakami CloneX, #17088—could resell for much more.

At the time of writing, one of the attackers’ wallets appears to be empty, while the other still appears to contain many of the COO’s assets in plain sight.

While it’s unclear how the phishing attack took place, a response from RTFKT CTO Samuel Cardillo suggests that Gopalani may have inadvertently provided confidential information to a hacker posing as an Apple representative.

“We won’t be able to go into greater detail until further notice,” Cardillo said in response to the hack.

“All I can say is that companies like Microsoft and Apple will never ask you for your password, private key, or any other form of private information over the phone or via email.”

Cardillo rejected the charge that his response was “very corporate” and hinted at a legal investigation, stating on Twitter that “a lawful agency” needed to be able to “do an investigation properly” as the reason why more details could not be shared.

CloneX #17088, which is still Gopalani’s Twitter profile picture, has changed hands twice since his wallet was emptied a day ago. The holder of lyx.eth now owns the NFT, as well as two other CloneX NFTs.

lyx.eth stated in a message that they were unaware they were purchasing the COO’s stolen NFT and had been looking to purchase an NFT similar to Gopalani’s for “over half a year.”

Advertisement

According to Lyx, RTFKT has already attempted to reclaim the stolen NFT.

“I’ve talked with some RTFKT members, but I need to think about what to do,” Lyx told in an interview

When asked if he planned to sell or return the NFT, Lyx said they weren’t sure.

“We’re definitely going to hold it for now,” they said.

For More NFT News, Click Here.

Advertisement