A recent wave of hacks has targeted crypto influencers and celebrities on X, with Gigantic-Cassocked-Rebirth (GCR) emerging as one of the latest victims.
Blockchain sleuth ZachXBT's analysis suggests the Sol team, creators of the Solana meme coin CAT, may have orchestrated the 26 May hack of GCR's X account.
The motive?
Allegedly, to manipulate the price of specific coins.
This theory stems from the Sol team's suspected manipulation of their own CAT launch on 24 May.
By securing over 63% of the CAT supply, they could have potentially dumped $5 million worth of the meme coin before dividing the profits amongst various wallets.
ZachXBT's investigation delves deeper, revealing a potential trading scheme alongside the alleged manipulation.
A portion of the stolen funds reportedly found their way to Hyperliquid, a cryptocurrency exchange.
Minutes before compromising GCR's account, the attackers placed a significant bet – $2.3 million on ORDI and $1 million on ETHFI – both long positions.
In layman's terms, they essentially wagered that these tokens' prices would rise.
GCR's hacked platform then became their tool for shilling ORDI, causing a temporary price spike that netted them roughly $34,000.
They attempted a similar tactic with ETHFI, but the market did not cooperate, resulting in a $3,500 loss before they cut their losses.
The bigger question remains: are these just isolated incidents, or has this group targeted other crypto influencers in a similar fashion over the past few days?
Finally, ZachXBT's analysis points towards a SIM swapping attack as the method of gaining access to GCR's account.
This technique involves social engineering to trick a mobile carrier into transferring a victim's phone number to a SIM card controlled by the attacker.
ZachXBT said about the attack outcome:
“Scammers are low iq as evident by the awful execution. People let a scammer farm them for 7 figs just bc they purchased an expensive username and made mysterious posts. Stop giving meme coin callers a platform."
Alleged Identity of Hacker Revealed
Roxo, a member of the X crypto community, has proposed the identity of the "hacker" who compromised the X accounts of several celebrities, including Caitlyn Jenner, rappers Soulja Boy and Rich The Kid, and adult-content models Kazumi and Ivana Knöll.
Roxo, an 18-year-old from Miami with 17,100 followers, posted his findings regarding the wave of suspicious tweets over the weekend of 25 to 26 May.
He asserted that Jenner was never hacked and suggested that the other celebrities were victims of a "rug pull.”
Roxo shared a Telegram post by Sahil Arora and various pictures from Arora’s account, including one with Rich The Kid.
Additionally, Roxo highlighted that the coins launched on pump.fun on behalf of Soulja Boy, Rich The Kid, Kazumi, and Knöll were all connected to Arora's wallet address.
According to Roxo, the JENNER coin launch was legitimate but left Jenner's "team" thoroughly confused.
Roxo also shared a tweet from Jenner's X account, which urged followers to "send me some of your favourite memecoins" to an address identified as Arora's.
While the tweet was active when Roxo posted his findings, it has since been deleted.
Jenner remains steadfast in her promotion of the JENNER coin.
Jenner's manager, Sophia Hutchins, confirmed that the JENNER coin was legitimate and that the account had not been hacked.
Roxo stated in his post:
"Sahil has now successfully ran 5 influencer rugs this week."
This allegation was corroborated by a post from Rich The Kid on his X account.
He expressed in a video:
“Yesterday my page was hacked and a coin was promoted on my page by Sahil. […] This guy pretty much made a pump and dump and dumped all the money in his account and blocked me. So you guys tune in for the new coin.”
Source: Sahil Arora (account deleted)
On 27 May, Arora hosted four Twitter Spaces, with only one lasting longer than five minutes.
He announced the sessions with posts such as "Let's Fukin' Answer the scammers today. Let's Work on our own Asset" and "I will answer more questions not limited to: 1) About the SOL Scan 2) How I got betrayed."
Shortly after these posts, his account (@sahilsaysol) was deleted.
When asked whether Sahil Arora was behind the JENNER token launch, Jenner was agitated to say the least.
Even amidst the fallout with Arora, Jenner emphasized that it does not necessarily signify an end to their investment in and promotion of the JENNER token.
Jenner disclosed plans to expand the availability of the $Jenner token beyond the Solana network to include the Ethereum network.
This strategic move is aimed at enhancing the token's functionality and accessibility over the long term.
By tapping into Ethereum's extensive network effects and user base, this expansion is anticipated to foster greater adoption of the token.
The controversial token launch garnered significant attention, with its market cap soaring to $43 million within the first 24 hours, according to DEX Screener.
However, it has since plummeted over 50%, dropping to $17.4 million.
Just a few hours ago, she had announced there will be major news incoming tomorrow.
Meme Coins Rich Vector for Attacks
Bad actors have identified meme coins as fertile ground for their nefarious activities.
They employ various tactics to deceive traders, such as hyping a meme coin to artificially inflate prices, only to sell off tokens when they peak or swiftly emptying the liquidity pool.