25-year-old man from Alabama, Eric Council Jr., has been arrested for his alleged role in a sophisticated hack of the U.S. Securities and Exchange Commission’s (SEC) X account. The incident, which occurred on January 9, 2024, involved a SIM swap attack that led to the posting of false information about Bitcoin ETF approvals, causing significant market disruption.
The SIM Swap Scheme
This cybercrime uses a technique known as SIM swapping. This fraudulent activity involves tricking a mobile carrier into transferring a victim’s phone number to a SIM card controlled by the attacker. In this case, Council and his co-conspirators allegedly used SIM swapping to gain control of a phone number associated with access to the SEC’s X account.
The false tweet, which claimed that Bitcoin ETFs had been approved, caused an immediate and significant market reaction. The price of Bitcoin surged by over $1,000 in the wake of this misinformation. However, once the SEC regained control of its account and clarified that the tweet was fraudulent, the price of Bitcoin plummeted by more than $2,000.
This incident highlights the potential for SIM swap attacks to have far-reaching consequences, especially when targeting high-profile accounts with the power to move markets.
The Investigation and Arrest
The FBI, in conjunction with the SEC Inspector General, conducted a swift investigation into the incident. Their efforts led to the identification and arrest of Eric Council Jr. on October 17, 2024.
Interestingly, authorities claim that Council later conducted incriminating internet searches, including phrases like “SECGOV hack,” “telegram sim swap,” and “how can I know for sure if I am being investigated by the FBI”. These searches may have played a role in leading investigators to Council.
Council has been charged with conspiracy to commit aggravated identity theft and access device fraud. He is scheduled to appear in the U.S. District Court for the Northern District of Alabama to face these charges.
