Eric Council Jr., a 25-year-old from Alabama, was arrested for hacking into the U.S. Securities and Exchange Commission’s (SEC) X account in January. His actions caused the value of Bitcoin to increase by $1,000 in just a few minutes. The Justice Department announced the arrest, pointing to growing concerns about online security and market manipulation.
How the hack happened
The hack took place on January 9, just one day before the SEC was supposed to make a big announcement regarding Bitcoin exchange-traded funds (ETFs). Using the SEC’s X account, Council and his group posted false information claiming that the SEC had approved Bitcoin ETFs. This caused investors to buy Bitcoin, which raised the price by $1,000.
Shortly after, SEC Chairman Gary Gensler intervened and tweeted from his personal account, saying the post was false and unauthorized. He confirmed that the SEC had not approved any Bitcoin ETFs. Even though the fake post was deleted within 25 minutes, the market had already reacted. After the truth came out, the price of Bitcoin fell by $2,000.
He @SECGov The Twitter account was compromised and an unauthorized tweet was posted. The SEC has not approved the listing or trading of spot bitcoin exchange-traded products. —Gary Gensler (@GaryGensler) January 9, 2024
What is the hacker accused of?
Eric Council, who also goes by the names “Ronin” and “AGiantSchnauzer” online, is now facing charges of identity theft and fraud. Federal prosecutors say he attempted to manipulate the price of Bitcoin to make money. These charges were announced by United States Attorney Matthew M. Graves along with other officials who worked on the case.
The hack was reportedly carried out using a “SIM swapping” technique, in which hackers trick a phone company into transferring someone’s phone number to their own SIM card. This allowed them to bypass security measures, such as two-factor authentication, and gain access to the SEC account.
What is a SIM swap attack?
A SIM swap occurs when a hacker convinces a mobile phone provider to change a phone number from the real user’s SIM card to a new SIM card controlled by the hacker. Once they have control of the number, they can access accounts linked to that phone number, such as social networks or bank accounts. In this case, Council and his group used the SEC’s X account to post false information about Bitcoin.
During the investigation, federal agents found evidence on the Council’s personal computer, including searches such as “SECGOV hack,” “identity theft laws” and “how do I know if the FBI is investigating me.”
The council received Bitcoin as payment
According to authorities, the Council was paid in Bitcoin for carrying out the hack. Investigators tracked his online activity and discovered that he had been paid to perform the SIM swap. FBI Acting Special Agent in Charge Geist said the case shows how cybercriminals can use these methods to manipulate markets.
He added: “The FBI will continue to work with law enforcement partners across the country and the world to hold individuals accountable for violating American laws.”
What happens next?
If convicted, Council could face up to five years in prison. This case highlights the importance of protecting social media accounts, especially for organizations like the SEC, where a single post can influence the market.
This incident has sparked debates about the need for stricter digital security measures. With the rise of cryptocurrencies and other digital assets, experts are urging companies and government agencies to beef up their security to prevent similar attacks in the future.
Eric Council’s story serves as a reminder of how quickly things can get out of control when hackers gain access to sensitive information. It also shows the serious consequences that this type of cybercrime entails, not only for hackers but also for financial markets.
Also read: Russia and China partner with cybercriminals to attack US – Microsoft report