链上侦探 ZachXBT 将好莱坞 X 帐户黑客攻击与被定罪的英国黑客 Gurvinder Bhangu 联系起来

链上侦探 ZachXBT 发现了两名好莱坞名人的 X 账户被黑客入侵之间的联系，这些账户被用来制造模因币骗局

Two recent high-profile X account hacks that saw the compromised accounts of actors used to advertise scam meme coins, generating over $530,000 in stolen funds, have been linked to Gurvinder Bhangu, a convicted U.K. hacker better known as Gurv.

最近发生的两起备受瞩目的 X 账户黑客攻击事件，导致用于宣传诈骗模因代币的参与者账户被盗，产生了超过 53 万美元的被盗资金，这起事件与 Gurvinder Bhangu 有关，Gurvinder Bhangu 是一位被定罪的英国黑客，俗称 Gurv。

On July 30, well-known anonymous crypto investigator ZachXBT shared his research into the hacks in an X thread.

7 月 30 日，知名匿名加密货币调查员 ZachXBT 在 X 线程中分享了他对黑客攻击的研究。

The hacks saw the compromised X accounts of actors Sydney Sweeney and Bob Odenkirk used to promote scam meme coins in a bid to generate hype and inflate the price of the tokens before selling their large holdings.

黑客发现演员西德尼·斯威尼 (Sydney Sweeney) 和鲍勃·奥登科克 (Bob Odenkirk) 的 X 账户被盗，他们用来推销诈骗模因代币，目的是在出售其持有的大量代币之前进行炒作并抬高代币的价格。

According to ZachXBT’s investigation, on July 2, Sweeney’s X account was compromised and posts promoting a Solana-based token dubbed “$SWEENEY” began to appear from the actor’s hacked account. Within two hours, the scam token saw over $10 million in trading volume on the decentralized exchange (DEX) Serum, causing its price to spike and then crash.

根据 ZachXBT 的调查，7 月 2 日，Sweeney 的 X 帐户遭到入侵，该演员被黑的帐户中开始出现宣传名为“$SWEENEY”的基于 Solana 的代币的帖子。两个小时内，该诈骗代币在去中心化交易所 (DEX) Serum 上的交易量超过 1000 万美元，导致其价格飙升，然后暴跌。

2/ On July 2nd Sydney Sweeney was SIM swapped and a link to a meme coin was posted causing the price to spike and crash. Team wallets from the SWEENEY scam sold $515K+Main team walletsAgySZeAtqM3iSbvMPxv2g94oTd3segx4WdKuFD7M5CErjQEaiiAkRGhFoCDnjxn6mmtrksC4EckF38fxkaNMs1j pic.twitter.com/Vm0txgjl7B

2/ 7 月 2 日，Sydney Sweeney 被更换了 SIM 卡，并发布了一个 meme 硬币的链接，导致价格飙升和崩溃。 SWEENEY 骗局的团队钱包已售出 51.5 万美元+主团队钱包AgySZeAtqM3iSbvMPxv2g94oTd3segx4WdKuFD7M5CErjQEaiiAkRGhFoCDnjxn6mmtrksC4EckF38fxkaNMs1j pic.twitter.com/Vm0txgjl7B

The attack coincided with reports that Sweeney’s Verizon phone number was reportedly hijacked. 404 media obtained a Verizon receipt from the same day, indicating a $37.54 payment order, confirming that Sweeney was the victim of a sim-swapping attack.

这次袭击恰逢斯威尼的 Verizon 电话号码被劫持的报道。 404媒体当天获得了一张Verizon收据，显示一张37.54美元的付款单，证实斯威尼是SIM卡交换攻击的受害者。

According to ZachXBT, Gurv — previously convicted in the U.K. for hacking Instagram accounts and blackmailing users — received verification codes for Sweeney’s account via Telegram, strengthening the link between Gurv and the hack.

据 ZachXBT 报道，Gurv 此前因黑客 Instagram 账户和勒索用户而在英国被定罪，通过 Telegram 收到了 Sweeney 账户的验证码，从而加强了 Gurv 与黑客之间的联系。

ZachXBT highlighted that the hacker used the same Telegram user ID to receive the code across multiple groups, discussing his time in prison and linking it to the hacks.

ZachXBT 强调，黑客使用相同的 Telegram 用户 ID 在多个群组中接收代码，讨论了他在监狱中的经历并将其与黑客行为联系起来。

The crypto investigator added that proceeds from the attack were initially transferred as Solana (SOL) to an exchange, where the funds were swapped for Bitcoin (BTC) and Ethereum (ETH) before being dispersed to several addresses. According to ZachXBT, the on-chain activity suggests that there were multiple people involved in the scam.

这位加密货币调查员补充说，攻击所得的收益最初以 Solana (SOL) 的形式转移到交易所，在那里资金被交换为比特币 (BTC) 和以太坊 (ETH)，然后被分散到多个地址。据 ZachXBT 称，链上活动表明有多人参与了该骗局。

The investigation revealed that on July 9, another 1.5 ETH as sent to an exchange from a wallet connected to the Sweeney SIM swap.

调查显示，7 月 9 日，又有 1.5 ETH 从连接到 Sweeney SIM 交换的钱包发送到了交易所。

Odenkirk also hacked

奥登科克也被黑了

The investigator linked the Sweeney hack to another extremely similar attack on actor Bob Odenkirk’s X account, also on July 9. After compromising Odenkirk’s X account, the hacker(s) launched and posted about two scam meme coins, KIRK and SAUL. Possibly because the two coins diverterted attention, this time the scammers ended up stealing fewer funds.

调查人员将 Sweeney 黑客攻击与 7 月 9 日对演员鲍勃·奥登科克 (Bob Odenkirk) 的 X 帐户进行的另一次极为相似的攻击联系起来。在破坏奥登科克的 X 帐户后，黑客发起并发布了两个骗局模因币 KIRK 和 SAUL。可能是因为这两枚硬币转移了注意力，这一次骗子最终窃取的资金减少了。

At the time of ZachXBT’s reporting, the wallets connected to both the Sweeney and Odenkirk scams are holding approximately $488,000. The remaining funds “have been transferred to crypto casinos and to purchase gift cards.” ZachXBT concluded the X thread with a call to local law enforcement:

截至 ZachXBT 报道时，与 Sweeney 和 Odenkirk 骗局有关的钱包持有约 488,000 美元。剩余的资金“已转移到加密货币赌场并用于购买礼品卡。” ZachXBT 通过向当地执法部门发出呼吁来结束 X 主题：

“Hopefully UK law enforcement will be quick to go after Gurv again using the large amount of evidence available.”

“希望英国执法部门能够利用现有的大量证据，迅速再次追捕 Gurv。”

The Sweeney and Odenkirck scams are part of a broader trend of celebrities promoting scam meme coins, either via compromised accounts or, in some cases, alleged social engineering scams.

斯威尼和奥登基克骗局是名人推广骗局模因硬币的更广泛趋势的一部分，这些骗局要么通过被盗账户，要么在某些情况下通过所谓的社会工程骗局。