A man from Alabama was arrested on Thursday morning and was charged by prosecutors for being the mastermind behind the hacking of the social media account of the U.S. Securities and Exchange Commission (SEC) earlier this year. According to a previous report by Zombit, this incident led to the dissemination of a false announcement on social platforms, misleading the market about the approval of a Bitcoin Exchange-Traded Fund (ETF).
According to a statement released by the U.S. Attorney’s Office for the District of Columbia, Eric Council Jr., a 25-year-old, is charged with “conspiracy to commit aggravated identity theft and access device fraud.”
Hacker’s False Announcement Causes Bitcoin Price Surge
SIM Card Swapping as a Hacker’s Attack Method
Bitcoin Transactions Behind the Hacker’s Actions
Prosecutors stated that Council collaborated with other conspirators to gain control of SEC’s X account and issued a tweet falsely claiming, “Today, SEC approves #Bitcoin ETF listed on all registered national securities exchanges.” This tweet immediately triggered market reactions, causing the price of Bitcoin to surge over $1,000. However, SEC Chairman Gary Gensler quickly confirmed on social media that the account had been compromised.
It is noteworthy that the false tweet was published just a day before SEC officially approved the Bitcoin spot ETF, which has attracted billions of dollars in investments since its launch.
Prosecutors provided detailed technical details of this hacking attack. It is alleged that the hacker used the technique of “SIM card swapping,” which typically involves deceiving mobile service providers to transfer the victim’s phone number to the hacker’s device. U.S. Attorney Matthew M. Graves stated in the statement, “These SIM card swap scams can result in severe financial losses for victims and the exposure of sensitive personal information.”
According to the charges, Council obtained the victims’ personal identity information, including names and photos, through conspirators and used this information to create fake identification cards. He then obtained a SIM card associated with the victim’s phone number at a mobile service provider in Huntsville, Alabama. Council subsequently purchased a new iPhone and used this SIM card for identity verification, successfully gaining access to SEC’s X account.
After the tweet was published, Council received Bitcoin as a reward from his accomplices for successfully completing this SIM card swapping attack. Prosecutors also revealed that Council conducted various internet searches related to this incident after the hacking, including keywords such as “SECGOV intrusion” and “how to know if you are under FBI investigation.”
SEC expressed gratitude to the law enforcement agencies for their prompt response and handling of this hacking incident and stated that they will continue to cooperate with relevant departments to hold the hacker legally accountable.