A man from Alabama was arrested on Thursday morning and was charged by prosecutors as the mastermind behind the hacking of the US Securities and Exchange Commission (SEC) social media account earlier this year. According to previous reports by Zombit, this incident led to the dissemination of a false announcement on social platforms, misleading the market about the approval of a Bitcoin exchange-traded fund (ETF).
According to a statement released by the US Attorney’s Office for the District of Columbia, Eric Council Jr., 25, was charged with “conspiracy to commit aggravated identity theft and access device fraud.”
Hacker Releases False News Resulting in Bitcoin Price Surge
SIM Card Swapping as a Hacker Attack Method
Bitcoin Trading Behind the Hacker’s Actions
Prosecutors stated that Council collaborated with other conspirators and successfully took control of SEC’s X account, releasing a tweet claiming, “Today, SEC approves #Bitcoin ETF for listing on all registered national securities exchanges.” This false tweet immediately triggered a market response, causing the price of Bitcoin to surge by over $1,000. However, SEC Chairman Gary Gensler quickly confirmed on social media that the account had been breached.
It is worth noting that this false tweet was published just one day before SEC officially approved the Bitcoin ETF, which has attracted billions of dollars in investments since its launch.
Prosecutors provided detailed technical details of this hacking attack. Allegedly, the hacker utilized the “SIM card swapping” technique, which typically involves deceiving mobile service providers to transfer the victim’s phone number to the hacker’s device. US Attorney Matthew M. Graves stated in the statement, “These SIM card swapping frauds can result in significant financial losses for victims and expose sensitive personal information.”
According to the charges, Council obtained personal identity information, such as the victims’ names and photos, through his co-conspirators and used this information to create fake IDs. He then obtained a SIM card associated with the victim’s phone number at a mobile service provider in Huntsville, Alabama. Council subsequently purchased a new iPhone and used this SIM card for identity verification, successfully gaining access to SEC’s X account.
After the tweet was released, Council received Bitcoin as a reward for successfully carrying out the SIM card swapping attack from his accomplice. Prosecutors also revealed that Council conducted various online searches related to this incident, including keywords such as “SECGOV breach” and “how to know if I am being investigated by the FBI.”
SEC expressed gratitude to law enforcement agencies for their swift response and handling of this hacking incident and stated that they will continue to cooperate with relevant departments in holding hackers accountable under the law.
