Eric Council Jr., a 25-year-old man from Alabama, has been arrested by the FBI for his alleged involvement in the hacking of the Securities and Exchange Commission’s (SEC) X account earlier this year. This cyberattack led to a misleading tweet that falsely announced the approval of bitcoin exchange-traded funds (ETFs) by the SEC, which temporarily inflated bitcoin prices.
The FBI’s investigation identified Council as a key figure in the incident, and he faces charges including conspiracy to commit aggravated identity theft and access device fraud, according to the Justice Department.
The SEC had previously disclosed that the hack was executed through a SIM swap attack, a method where a hacker takes control of a victim’s phone number by tricking the carrier into transferring it to a new SIM card. The recent indictment sheds light on the details of how this attack was allegedly orchestrated.
Council reportedly collaborated with unnamed co-conspirators through SMS and encrypted messaging platforms, who provided him with the personal information of an individual with access to the SEC’s X account, referred to only as “C.L.”
Alabama Man Eric Council Jr. Arrested by FBI for Allegedly Hacking SEC’s Twitter Account to Manipulate Bitcoin Prices
Using the stolen information, Council created a counterfeit ID, which he used to obtain a new SIM card and an iPhone in C.L.’s name. He then coordinated with his co-conspirators to gain access to the SEC’s X account, alter its settings, and post the fraudulent tweet.
This incident, which occurred just one day before the SEC’s actual approval of multiple spot bitcoin ETFs, prompted a significant rise in bitcoin prices, increasing by over $1,000 temporarily. The incident raised concerns regarding the account’s security, particularly the absence of multi-factor authentication at the time.
In addition to the details of the attack, the indictment highlights suspicious online behavior by Council. He reportedly conducted numerous searches on his personal computer that suggested a consciousness of guilt.
These searches included terms like “SECGOV hack,” “telegram sim swap,” and queries about signs of being under FBI investigation. Such searches reveal his awareness of the potential legal repercussions of his actions and indicate attempts to gather information that could assist him in evading law enforcement scrutiny.
The SEC Inspector General, Jeffrey, commented on the arrest, emphasizing the agency’s dedication to holding individuals accountable for actions that compromise the integrity of financial markets.
The indictment serves as a reminder of the vulnerabilities present in cybersecurity and the importance of robust security measures to protect sensitive accounts from exploitation. As the investigation unfolds, it underscores the potential consequences of cybercrime and the rigorous efforts of federal authorities to address such threats.
