A 25-year-old Alabama man, Eric Council Jr., was arrested for allegedly orchestrating a hacking scheme targeting the U.S. Securities and Exchange Commission’s X account in January in a bid to manipulate the price of Bitcoin. The hack, carried out through a "SIM swap" technique, allowed the attackers to post a fraudulent message on the SEC’s account claiming the approval of Bitcoin exchange-traded funds (ETFs), causing Bitcoin’s price to spike by $1,000 before rapidly plummeting once the post was disavowed.
On January 9, 2024, Council and his unnamed co-conspirators accessed the SEC’s official X (formerly Twitter) account by exploiting a SIM swap, a form of attack that tricks a cell carrier into transferring a legitimate user’s phone number to a new device controlled by the attackers. This allowed them to bypass multi-factor authentication and gain access to the @SECGov account. They then posted false information announcing that the SEC had approved Bitcoin ETFs for listing on national exchanges, which caused immediate market reaction. The price of Bitcoin surged as investors scrambled to capitalize on the news, only for the cryptocurrency to drop by $2,000 after SEC Chair Gary Gensler clarified the post was unauthorized.
The fraudulent message was deleted 25 minutes after it went live, but the damage was already done. Bitcoin’s brief price spike exposed the vulnerabilities of X’s platform under its new ownership by Elon Musk, and the incident reignited concerns about security lapses, particularly the lack of two-factor authentication on the SEC’s account at the time of the breach. The platform has faced criticism for similar high-profile breaches in the past, which have been exploited to manipulate markets and promote scams.
Prosecutors allege that Council, operating under online aliases such as “Ronin,” “Easymunny,” and “AGiantSchnauzer,” used the stolen phone number of an individual with access to the SEC’s X account to carry out the attack. Council reportedly purchased a new iPhone in Huntsville, Alabama, to execute the SIM swap and later returned it for cash after completing the hack. He was paid in Bitcoin for his role in the operation.
As investigators closed in, Council conducted internet searches for terms like "SECGOV hack," "how to know if the FBI is after you," and methods to erase accounts on encrypted messaging platforms such as Telegram, prosecutors said. He now faces charges of conspiracy to commit aggravated identity theft and access device fraud, which could result in up to five years in prison if convicted.
The case highlights the ongoing threat of SIM-swapping attacks in undermining digital security, particularly in the realm of financial markets. The FBI praised the collaboration between law enforcement agencies in bringing the case to light and emphasized their commitment to holding cybercriminals accountable. "This incident shows how bad actors can exploit vulnerabilities to manipulate the global financial market," said FBI Special Agent in Charge, Thomas Geist.
Although the SEC formally approved Bitcoin ETFs just one day after the hack, the damage from the fraudulent post has renewed scrutiny on the integrity of major online platforms and the need for more stringent security measures.
