Recently, authorities arrested a man from Alabama named Eric Council Jr. Prosecutors said he was responsible for hacking the U.S. Securities and Exchange Commission’s (SEC) social media account.
The hacked account posted a fake message about approving the spot Bitcoin exchange-traded funds (ETFs). Eric Council Jr., who is currently 25, faces charges of “conspiracy to commit aggravated identity theft” and “access device fraud.”
Hackers Use SIM Swap to Access SEC’s X Account, Triggering Bitcoin Price Spike with Fake ETFs Announcement
A press release by the U.S. Attorney’s office in Washington disclosed the arrest of a 25-year-old Alabama man, Eric Council Jr. According to the statement, Council Jr. allegedly hacked the SEC’s X account in January and posted a misleading message about approving spot Bitcoin ETFs.
The prosecutors say Eric Council didn’t act alone. He worked with others to take over the SEC’s X account.
They posted a fake message saying, “Today the SEC grants approval for Bitcoin ETFs for listing on all registered national securities exchanges.”
Shortly after the fake post, SEC Chair Gary Gensler confirmed the hack. X also confirmed that the account had been compromised.
According to the Thursday statement, bitcoin’s price surged by over $1,000 following the fake post. The tweet misled people into thinking the SEC had approved spot bitcoin ETFs when it hadn’t officially done so.
The post went out just one day before these ETFs were approved. Since then, these spot BTC ETFs have attracted billions of investments.
Prosecutors said the hackers used a “SIM swap” method to access the SEC’s account. In a SIM swap, criminals trick phone companies into giving them control of a person’s phone number.
This trick allows the hackers to access accounts linked to that phone. These schemes can cause enormous financial losses and lead to the leak of personal and private information.
The U.S. Attorney Matthew M. Graves explained this in a statement. He said that conspirators used this illegal phone access to interfere with financial markets. Their goal was to manipulate prices for their gain.
How a SIM Swap and Fake ID Led to the SEC X Account Hack
Prosecutors say Eric Council Jr. got personal information from his co-conspirators. This information included a victim’s name and photo.
Using this, he made a fake ID and went to a cell phone provider in Huntsville, Alabama. Hence, he obtained a SIM card linked to the victim’s phone number with the fake ID.
According to prosecutors, he bought a new iPhone with cash. With the phone and SIM card, he could receive access codes, which granted him control of the SEC’s X account. This is how he could carry out the hack.
After the fake post was sent, Eric Council Jr. received a Bitcoin payment. According to the statement, the payment was for successfully carrying out the SIM swap.
Eric Council used several online nicknames, including “Ronin,” “Easymummy,” and “AGiantSchnauzer.”
After the hack, he reportedly searched for some suspicious phrases online. They included “SECGOV,” “telegram sim swap,” and “How can I know for sure if I am being investigated by the FBI.”
He also searched for “What are the signs that you are under investigation by law enforcement or the FBI even if they have not contacted you.”
Furthermore, the SEC thanked law enforcement for holding those responsible for the hack accountable. SEC’s spokesperson shared this message via email.
