Krishna Okhandiar, the founder of Remilia and the Milady non-fungible token (NFT) collection, more commonly known by the pseudonym “Charlotte Fang” has claimed that his wallet was drained by hackers after several popular NFTs and assets were transferred out and liquidated over the weekend.
Dumpster DAO flagged the suspicious transactions on X, noting Okhandiar’s response to the Remilia treasury being drained. Onchain data shows that the so-called drainer wallet received assets from Remilia-linked wallets, and then sold them for around 850 ether (ETH), netting the drainer nearly $3 million at current prices.
Remilia treasury appears to have been drained
Assets from multiple official Remilia wallets have been moved to the address below and are being sold off
0x778Be423ef77A20A4493f846BdbcDDfc30252cE9 pic.twitter.com/AgwmVwWIE4
— Dumpster DAO (@Dumpster_DAO) March 16, 2024
Milady is a collection of 10,000 NFTs minted on Ethereum depicting generative artwork of anime-style women. The collection gained traction after Tesla CEO Elon Musk tweeted about it in May 2023, sending the floor price soaring close to 60% in a single day. Remilia is the decentralized autonomous organization (DAO) behind the Milady collection.
Okhandiar claims that a hack on his system compromised all imported wallets, sharing a post-mortem analysis that identifies the root cause as “unknown malware” that compromised his password manager, which held the seed phrases to all wallets, including the multisig wallet for Remilia’s treasury.
“NFT contract/metadata ownership were previously migrated to a hardware wallet standard so are secure,” he noted on X.
“Our operating treasury was migrated off-chain so is secure. We never planned to sell any of our own NFTs any time soon so this doesn’t effect our budgeted plans.”
Some members of the crypto community were skeptical of the Milady founder’s claims, with Web3 security researchers scrutinizing the nature of the exploit and the events that took place shortly after.
There are no drainer fees or splits. There's nothing other than straight transfers (bulk for the NFTs). Absolutely not a drainer.
This is either lost seed(s), or malware (and I highly doubt that, because he wouldn't be yapping in Disc) or it's intentional.
— Plum (@Plumferno) March 16, 2024
This isn’t the first time Okhandiar and Milady have been at the centre of controversy, with Okhandiar claiming in September that a rogue developer had siphoned $1 million from the treasury. A few weeks later, Bloomberg reported that Milady’s other cofounders named Okhandiar in a lawsuit, alleging that he seized $1.7 million from the project after he was forced to step back over “extremist and overtly racist” online posts.