Note how he didn't even say which wallet infected his system with the supposed rootkit. Even if he was telling the truth, which I highly doubt at this point in time, he is still undeniably reprehensible for not sharing information regarding a malware-infected wallet with the general public.
I Agree, my opinion is, the community you create is your own responsability, if it fail, you fail, so, the thief in question in this case is the cryptokk owner.
People can choose to work to repair things, can choose to learn from mistakes... this isn't the case, and if cryptokk don't come online again, the only responsability for the loses is the owner and no one else.