In a significant cybercrime revelation, renowned on-chain investigator ZachXBT has presented convincing evidence connecting convicted UK hacker Gurvinder Bhangu, known as Gurv, to the recent breaches of the X accounts of actress Sydney Sweeney and ‘Breaking Bad’ actor Bob Odenkirk. These breaches resulted in the theft of over $530,000 through fraudulent Solana meme coins.
The SWEENEY Pump and Dump Scheme
On July 2nd, Sydney Sweeney’s account was compromised via a SIM swap attack. Her account was used to promote a deceptive Solana-based meme coin named SWEENEY, leading to a brief surge in its value before it crashed in a pump-and-dump maneuver.
According to ZachXBT, the wallets associated with the SWEENEY scam offloaded more than $515,000 worth of the coin before liquidating the assets. Post-hack, the perpetrator mocked social media users and attempted to claim responsibility for other high-profile hacks, including those of Hulk Hogan and rapper 50 Cent, though these claims lack substantial evidence.
ZachXBT employed timing analysis to trace the SWEENEY scam’s proceeds to a Solana exchange, where they were converted into Bitcoin and Ethereum. Additionally, screenshots revealed Gurv receiving login codes for Sweeney’s account from the SIM swap via Telegram, along with a Verizon receipt for the SIM swap. These clues were instrumental in identifying Gurv, who has a history of hacking Instagram accounts and extorting users.
Bob Odenkirk’s Account Follows Suit
The probe also disclosed that on July 9th, 1.5 ETH was sent to an exchange and then moved to Solana, linked to the Sydney Sweeney SIM swap incident. On that same day, Bob Odenkirk’s account was similarly hacked, with posts promoting meme coins KIRK and SAUL.
However, the hackers’ efforts yielded minimal financial gain due to poor execution. Notably, the proceeds were traced back to the same Ethereum address implicated in the Sweeney hack. Further evidence indicated that the stolen funds were used for cryptocurrency gambling and gift card purchases. The wallets tied to these hacks currently hold $488,000.
Conclusion
This case highlights the increasing sophistication of cybercriminals and the critical need for stringent cybersecurity measures. As cryptocurrency scams become more common, the work of investigators like ZachXBT is vital in exposing and preventing such frauds. The connection of Gurv to these prominent hacks underscores the ongoing threat posed by experienced hackers and the necessity for enhanced security in the digital realm.
