Remember in January when someone hacked the SEC's X account and said the Bitcoin ETF was approved?
It was a 25 yr old in Alabama who simply walked into a phone store, used a fake ID, and did a SIM swap to take over the phone of a person at the SEC. https://t.co/snogguvK8j
— Ryan Detrick, CMT (@RyanDetrick) October 18, 2024
The FBI has arrested Eric Council Jr., a 25-year-old man from Athens, Georgia, for his alleged involvement in hacking the Securities and Exchange Commission’s (SEC) X account in January. The hack caused the price of Bitcoin to surge by about $1,000 before falling by $2,000 when it was revealed to be a hoax. According to court documents, Council, who used online aliases such as Ronin, Easymunny, and AGiantSchnauzer, searched for terms like “how can I know for sure if I am being investigated by the FBI” and “signs that you are under investigation by law enforcement…
Remembering just how wild that day the SEC X account got hacked actually was for everyone involved.
My tweets all within the span of about 5 minutes. 😅 pic.twitter.com/UP6EOoajii
— Eleanor Terrett (@EleanorTerrett) October 17, 2024
even if you have not been contacted by them.” He also searched for “SECGOV hack,” “Telegram sim swap,” “federal identity theft statute,” and “how long does it take to delete Telegram account.”
#CryptoWorld: On today’s show, we talk about the FBI’s arrest of a man in connection with a fake bitcoin post on the SEC’s X account.
Plus @SoloCeesay of @CalaxyApp reacts to bitcon’s recent price action and what the U.S. election means for crypto! @CNBChttps://t.co/ifWyzD4IoY pic.twitter.com/2egnqhADoy
— Brandon Gomez (@bgomezreports) October 17, 2024
The hack was carried out using a Sim swap attack, where the perpetrator fraudulently gets a mobile phone carrier to apply an existing telephone number to a new Sim card. In this case, Council allegedly created a fake ID with details of an SEC employee, which were provided by co-conspirators.
Hack impacts Bitcoin prices
NEW: Feds announced the arrest and indictment of Eric Council Jr., accusing him of being part of a group who took over the official SEC X account.
Council Jr. allegedly performed a SIM swap to get into the X account to post a fake tweet about Bitcoin. https://t.co/kZ3ATNM5rA
— Lorenzo Franceschi-Bicchierai (@lorenzofb) October 17, 2024
He then used these details to transfer the employee’s mobile number to a new Sim, allowing access to the SEC’s X account due to inadequate security measures. The SEC had asked X in July 2023 to suspend multi-factor authentication (MFA) on the account, making it easier for the hackers to gain access. The agency re-enabled MFA after the incident.
Council is charged with one count of conspiracy to commit aggravated identity theft and access device fraud, which carries a potential sentence of up to five years in prison if he is found guilty. The arrest highlights the importance of robust security measures and the risks associated with Sim swap attacks.
