An Alabama man was arrested on Thursday morning after prosecutors said he was behind the hack of the U.S. Securities and Exchange Commission's social media account that posted a fake announcement about spot bitcoin exchange-traded funds being approved.
Eric Council Jr., 25, was charged with "conspiracy to commit aggravated identity theft and access device fraud," according to a statement released by the U.S. Attorney's Office in the District of Columbia.
The SEC's X account was compromised in January ahead of spot bitcoin ETFs being approved by the agency.
Prosecutors say Council worked with others to take control of the SEC's X account when they posted, "Today the SEC grants approval for #Bitcoin ETFs for listing on all registered national securities exchanges." Both SEC Chair Gensler and X then quickly confirmed afterward that the account had been compromised.
After sending that post, the price of bitcoin increased by more than $1,000, according to the statement released on Thursday.
The fake tweet went out a day before the SEC formally approved the much anticipated spot bitcoin ETFs, which have since brought in billions of dollars.
What unfolded
Prosecutors said that access to the SEC's account was done through a "SIM swap."
"These SIM swapping schemes, where fraudsters trick service providers into giving them control of unsuspecting victims’ phones, can result in devastating financial losses to victims and leaks of sensitive personal and private information,” said U.S. Attorney Matthew M. Graves in the statement. “Here, the conspirators allegedly used their illegal access to a phone to manipulate financial markets."
Council allegedly acquired personal identifying information that including a victim's name and photo from his co-conspirators and then created a fake ID and got a SIM card linked to the victim's phone line by using that fake ID at a cell phone provider in Huntsville, Alabama. He then used a new iPhone, which he bought using cash, and used what he had to get access codes to the SEC's X account, prosecutors said.
After the phony post was sent, Council received payment in bitcoin "for performing the successful SIM swap," according to the statement.
Council had a few online nicknames including "Ronin," "Easymunny" and "AGiantSchnauzer." After the hack, he also allegedly searched for phrases such as “SECGOV hack,” “telegram sim swap,” “how can I know for sure if I am being investigated by the FBI,” and “What are the signs that you are under investigation by law enforcement or the FBI even if you have not been contacted by them.”
“The SEC thanks law enforcement for their vigilance in seeking accountability for those responsible for the breach of the SEC’s X account," a spokesperson for the SEC said in an emailed statement sent to The Block.
Update: Oct. 17, 4:30 p.m. UTC to include details throughout
Update: Oct. 17, 6:35 p.m. UTC to include the SEC's response
Comments (0)