• Nike’s NFT Brand RTFKT COO Nikhil Gopalani has lost nearly $200,000 worth of NFTs in a phishing attack.
• OpenSea data shows that two wallets belonging to the attacker have stolen 19 CloneX NFTs worth over $138,000 combined, 18 RTKFT Space Pods, 17 Loot Pods, 11 CryptoKicks, 19 RTFKT Animus Eggs, and more from Gopalani’s wallet.
• RTFKT CTO Samuel Cardillo stated that companies such as Microsoft, Apple, etc. will never ask for passwords, private keys, or any other forms of private information via phone or emails.
Nike’s NFT Brand RTFKT COO Nikhil Gopalani was the victim of a phishing attack that resulted in the loss of nearly $200,000 worth of NFTs. According to a tweet by Gopalani, he lost his collection of NFTs, which included Clone X NFTs and items from other collections, to a scammer in an apparent phishing attack. OpenSea data further shows that two wallets belonging to the attacker have stolen 19 CloneX NFTs worth over $138,000 combined, 18 RTKFT Space Pods (over $6,300 total), 17 Loot Pods ($6,200), 11 CryptoKicks ($3,000), 19 RTFKT Animus Eggs ($20,200), and more from Gopalani’s wallet.
The wallets that appear to be linked to Gopalani have lost all their NFTs except for one: a Death Row Records NFT of the “Clone X Theme Song” worth about $59. To make matters worse, Gopalani was unable to move for the whole day after the devastating incident, and is clearly hurt by the loss.
In response, RTFKT CTO Samuel Cardillo warned people to be aware of the dangers of phishing attacks. He noted that companies such as Microsoft, Apple, etc. will never ask for passwords, private keys, or any other forms of private information via phone or emails. Cardillo further implied that a legal investigation may be underway, stating on Twitter that “a lawful agency” needed to be able to “do an investigation properly” as the reason for not being able to release more details.
The incident serves as a reminder of the importance of not only having strong security protocols, but also being aware of the dangers of phishing attacks. It is important to ensure that private information, such as passwords and private keys, are never shared with anyone, even if it appears to be a legitimate message from a company. Thus, it is essential to remain vigilant and to always double-check any online communication for suspicious behavior.