In this post:
- For hacking the SEC’s X account and publishing a phony Bitcoin ETF approval, Eric Council Jr. faces a two-year prison sentence.
- The bogus tweet exposed serious security flaws at the SEC and sent Bitcoin’s price skyrocketing above $1,000.
- Council will be punished on May 16 after earning $50,000 from the plan.
Eric Council Jr., an Alabama man who masterminded a high-profile breach of the Securities and Exchange Commission’s (SEC) official X (previously Twitter) account in January 2024, has been urged by US federal prosecutors to serve two years in prison.
A fraudulent publication claimed that the SEC had authorized Bitcoin exchange-traded funds (ETFs), sparking a major upheaval in the market. Before the tweet was removed, the price of Bitcoin increased by over $1,000.
According to US authorities, the case called for a prison term that fell within the suggested parameters. They clarified that the Council had benefited from a complex fraud plan that included the use of fictitious identification documents, deceptive tactics at telecom shops, and the distribution of victim account password reset codes with both domestic and foreign conspirators.
In January, Council, 25, of Athens, Alabama, entered a guilty plea to one count of conspiracy to commit access device fraud and aggravated identity theft. He said he had gained unauthorized access to the SEC’s X account by using a “SIM swap” attack.
He was then able to use this hack to pretend to be a federal employee and trick a telecom provider into switching the employee’s phone number to a SIM card under the Council’s name. Once Council had the phone number, they broke into the account, took the login credentials, and gave it to the other conspirators who wrote the fake post.
Since many investors are eagerly awaiting an official verdict on spot Bitcoin ETFs, the post quickly went viral and sparked significant worry in the cryptocurrency market.
The commission approved the ETFs the day after the fraudulent post, but this time they made a formal announcement.
Council is awaiting punishment in a federal court in Washington on May 16.
In a SIM swap attack, the hacker impersonates the SEC’s approval of Bitcoin ETFs
According to recent papers, Eric Council Jr. earned $50,000 for carrying out the attack and even looked up how to determine whether the FBI was looking into him.
Many pointed out that the commission had a large number of Bitcoin ETFs that it wanted to address in the upcoming year at the time of the breach. Supporters became confused and speculated after reading Eric Council’s post.
The following day, the Securities and Exchange Commission formally approved the ETFs in a release. However, the harm had already been done by then.
In order to convince a mobile phone service provider to issue a new SIM card linked to the exchange commission’s phone number, the hacker had used a phony ID. He later sent his fellow conspirators the password reset information for the SEC’s X account that he had obtained.
The hack by the Council reveals the SEC’s cyber vulnerability.
The commission’s digital security systems had serious flaws that were exposed by the breach. Due to internal access concerns, the SEC’s X account had multi-factor authentication (MFA) turned off at the time.
Council and his team found it easy to take over the account as a result. The commission announced that it had restored Multifactor authentication to all official accounts after the incident and encouraged the public to keep checking its website for the most recent official updates.
As the US Justice Department is in turmoil due to leadership changes, the Council’s case is being played out. Most recently, without the Senate’s consent, President Donald Trump appointed acting US Attorneys in a number of districts, including Washington, D.C.
Cryptopolitan Academy: Tired of market swings? Learn how DeFi can help you build steady passive income. Register Now
