ZachXBT Investigation Links Memecoin Team to Hack of Crypto Influencer’s Account

ZachXBT Investigation Links Memecoin Team to Hack of Crypto Influencer’s Account

A new investigation led by ZachXBT on on May 27 implicated the creators of a new memecoin in hacking a crypto influencer’s account, exposing a complex scheme to manipulate cryptocurrency prices.The probe, conducted by the pseudonymous blockchain investigator ZachXBT, uncovered that the team behind CAT, a Solana-based memecoin, hacked the Twitter account of crypto influencer Gigantic-Cassocked-Rebirth (GCR) on May 26. Their goal was to influence the prices of certain cryptocurrencies through deceptive means.
On Late Sunday, popular crypto influencer Gigantic-Cassocked-Rebirth (GCR) was hacked on his X (formerly Twitter) account. 1/ An investigation into how the @sol ($CAT) meme coin team is connected to the @GCRClassic hack from last night.Minutes before the hack an address tied to them opened $2.3M ORDI & $1M ETHFI longs on Hyperliquid. Let’s dive in. pic.twitter.com/009BdPBfM1— ZachXBT (@zachxbt) May 27, 2024The hacker used GCR’s account to promote ORDI and Luna 2.0 tokens, resulting in brief price hikes. GCR later confirmed the breach, urging his followers to disregard any promotional content from his channels.ZachXBT’s investigation revealed that the team behind CAT memecoin orchestrated the hack, however. ZachXBT noted that the scheme started with their coin launch on May 24, in which the team gained control of more than 63% of the CAT supply. Subsequently, they sold over $5 million worth of CAT, distributing the profits across multiple wallets. Further analysis showed that some funds were funneled into Hyperliquid for trading.6/ On May 26 at 5:55 pm UTC a hacker from @GCRClassic compromised account made a post about ORDI causing the price to spike. 0x5e3 closes the long from 5:56 pm UTC to 6 pm UTC for a profit of ~$34K pic.twitter.com/uYIayqM537— ZachXBT (@zachxbt) May 27, 2024Notably, before the hack, the perpetrators opened long positions worth $2.3 million on ORDI (ORDI) and $1 million on Ether.fi (ETHFI).Following the hack, the price of ORDI briefly climbed from around $40 to $44 before falling back to $40, with the scammer securing a profit of approximately $34,000. Additionally, Luna 2.0 experienced a momentary 274% increase. A subsequent post was shared to boost ETHFI, but the market did not respond as expected, resulting in a $3,500 loss for the attackers, who closed the position.“Scammers are low-IQ, as evidenced by the awful execution,” ZachXBT commented on the incident. “People let a scammer farm them for 7 figs just because they purchased an expensive username and made mysterious posts. Stop giving meme coin callers a platform.”It’s unclear whether this group is behind other similar attacks on crypto influencers in recent days.
According to ZachXBT’s findings, the breach was facilitated by a SIM-swapping attack. The method involves scammers deceiving a mobile carrier into transferring the victim’s phone number to a SIM card controlled by the attacker.GCR believes that someone at X.com might have been bribed to provide access to his account, leading to the security breach.“Was notified 2 months ago by someone affiliated with Twitter that bribes had been made to access my account, and beefed up security then,” GCR said. “But there is no security if X employees take money for admin access.”GCR later confirmed the hack, asking followers to ignore any promotional posts.Similarly, late Sunday, Caitlyn Jenner, the reality TV star and Olympic athlete, announced the launch of her cryptocurrency token, JENNER, via a post on her X account. The token was created using Solana’s memecoin platform, pump.fun. By Monday morning, JENNER had achieved a market capitalization of $37 million.In response to hacking concerns, Jenner and her manager, Sophia Hutchins, posted videos on her X account to confirm the memecoin’s legitimacy. Despite these assurances, some users are still skeptical, suggesting the videos could be deepfakes.Similarly, Rapper Rich The Kid promoted a memecoin, RICH, via a pump.fun link in now-deleted X posts. On Monday morning, Rich The Kid released a video claiming his X account had been hacked, resulting in the unauthorized promotion of the RICH token.