On-chain investigator ZachXBT has implicated convicted UK hacker Gurvinder Bhangu in the recent hacking of Sydney Sweeney and Bob Odenkirk’s X accounts. The breaches led to the theft of over $530,000 through Solana-based meme coin scams.
In early July, Sweeney’s account was compromised in a SIM swap attack, promoting a fraudulent token called SWEENEY. The coin’s price surged before plummeting, allowing the hackers to cash out over $515,000. ZachXBT traced the funds to an exchange where they were converted into Bitcoin and Ethereum.
Evidence suggests Bhangu was involved in the scam. Screenshots revealed him receiving codes to access Sweeney’s account via Telegram and a Verizon SIM swap receipt. His unique Telegram ID and past prison conversations confirmed his identity.
A similar pattern emerged when Odenkirk’s account was hacked later in July. While the profit was smaller, funds were linked to the same Ethereum address used in the Sweeney hack.
ZachXBT is urging UK law enforcement to pursue Bhangu given the overwhelming evidence.