On Thursday, FBI agents arrested a 25-year-old man from Athens, Alabama, named Eric Council Jr., for his alleged involvement in hacking the Securities and Exchange Commission’s (SEC) official X (formerly Twitter) account.
The incident, which took place in January 2024, caused a significant spike in the price of bitcoin after a fake tweet was posted from the SEC’s X account, falsely claiming the approval of Bitcoin Exchange-Traded Funds (ETFs). This false message briefly created chaos in the market.
The fraudulent tweet appeared on the SEC’s X account on January 9, 2024.
The tweet stated: “Today the SEC grants approval for Bitcoin ETFs for listing on all registered national securities exchanges.” This announcement was significant because it implied that Bitcoin ETFs were finally approved, which would be a monumental move for the bitcoin market.
As a result of this false news, bitcoin’s price surged by over $1,000 almost immediately. Investors anticipating that the approval of ETFs would boost the market and reacted by buying bitcoin.
However, just 15 minutes later, SEC Chair Gary Gensler refuted the tweet, stating that the SEC’s account had been compromised and that there had been no such approval. Following this clarification, bitcoin’s price plunged by over $2,000.
On October 17, 2024, Eric Council Jr. was arrested and charged with conspiracy to commit aggravated identity theft and access device fraud.
According to the U.S. Department of Justice, Council was part of a group that used a SIM swap attack to gain unauthorized access to the SEC’s X account.
In an official statement released on October 17, Nicole M. Argentieri, the Principal Deputy Assistant Attorney General for the Justice Department’s Criminal Division stated:
“The indictment alleges that Eric Council, Jr. unlawfully accessed the SEC’s account on X by using the stolen identity of a person who had access to the account to take over their cellphone number.”
A SIM swap attack is a form of identity theft where hackers manipulate a mobile service provider into transferring a victim’s phone number to a different SIM card. This allows the hackers to bypass two-factor authentication and access accounts linked to that phone number.
Related: Protect Yourself from the Perils of A SIM Swap Scam
In this case, Council allegedly used stolen personal information from an SEC employee to craft a fake identification card.
He then drove 35 miles to Huntsville, Alabama, where he used the fake ID to purchase a new SIM card connected to the employee’s phone number. With control of the SEC employee’s phone number, Council and his co-conspirators gained access to the SEC’s X account and issued the false tweet.
The FBI revealed that Council went by various online aliases, including “Ronin,” “AGiantSchnauzer,” and “Easymunny.” He reportedly shared access codes with his co-conspirators, who then used the SEC’s compromised account to post the fraudulent Bitcoin ETF approval message.
This hacking incident not only compromised the security of the SEC’s X account but also manipulated financial markets. The false tweet had a direct and immediate impact on bitcoin’s price.
U.S. Attorney Matthew Graves said in a statement:
“These SIM swapping schemes […] can result in devastating financial losses and the leak of sensitive personal and private information. Here, the conspirators allegedly used their illegal access to a phone to manipulate financial markets.”
Following the fake announcement, bitcoin’s price briefly shot up to around $47,680, before falling sharply to $45,627 once the SEC clarified that the tweet was fraudulent.
The SEC restored control of its X account shortly after the tweet was posted and reassured the public that no approval of Bitcoin ETFs had been granted at the time.
Interestingly, the SEC did approve Bitcoin ETFs just one day later, on January 10, 2024, which may have contributed to the initial believability of the false tweet. These newly approved ETFs now manage over $63.5 billion in assets.
The FBI’s investigation into this case revealed that after the hack, Council began searching the internet for signs that he was under investigation.
According to the FBI, Council searched phrases like “How can I know for sure if I am being investigated by the FBI” and “What are the signs that you are under investigation by law enforcement or the FBI even if you have not been contacted by them.”
This online activity may have drawn more attention to Council, eventually leading to his arrest. He is now facing serious charges, with a potential sentence of 15 years in prison for aggravated identity theft and three years for impersonating a federal agency.
Pseudonymous security researcher ZachXBT shared a post on X following the announcement of the arrest, “I don’t know if the SIM swapper is more low IQ for these internet searches or the SEC for not using 2FA.”
Following his arrest, Council’s mother, Kimberly, expressed shock at the situation. “My son has never been in any trouble whatsoever,” she told CNBC in an interview.
“He’s never had so much as a detention on his academic experience in school.” Kimberly described Eric as “a special person” and said she is overwhelmed by the news of his arrest. She added that she hadn’t spoken to her son since the arrest and was still trying to understand what was happening.
The arrest of Eric Council Jr. underscores the increasing sophistication of cybercrimes, particularly in the realm of financial markets.
As Bitcoin continues to grow in popularity, incidents like the SEC X account hack highlight the need for stronger cybersecurity measures. The FBI, SEC, and other agencies remain committed to holding those accountable who attempt to manipulate markets and compromise sensitive information.
