A 25-year-old man from Athens, Alabama was arrested by the United States Federal Bureau of Investigation (FBI) for hacking the Securities and Exchange Commission’s official X account in January.
According to an Oct. 17 statement, Eric Council Jr. was taken into custody following charges of conspiracy to commit aggravated identity theft and access device fraud.
According to federal authorities, Council Jr. is accused of being part of a group that hacked the SEC’s X account in January 2024 and posted a fake message on Jan. 9 claiming that the SEC had approved the first Bitcoin exchange-traded funds (ETFs) of the United States.
The fake announcement caused Bitcoin’s (BTC) price to spike by over $1,000 following the X post, leading to further shockwaves in markets.
Nearly 15 minutes later, SEC Chair Gary Gensler denied the news, claiming the commission had “not approved the listing and trading of spot bitcoin exchange-traded products,” adding that the regulator’s account had been compromised.
Source: Gary Gensler
The hacker gained control of the SEC account through a “SIM swap” attack — when a hacker takes control of a victim’s phone number by transferring it to their own SIM card to bypass two-factor authentication and gain access to the victim’s accounts.
“These SIM swapping schemes, where fraudsters trick service providers into giving them control of unsuspecting victims’ phones, can result in devastating financial losses to victims and leaks of sensitive personal and private information,” said US Attorney Matthew Graves. He continued:
“Here, the conspirators allegedly used their illegal access to a phone to manipulate financial markets. Through indictments like this, we will hold accountable those who commit these serious crimes.”
According to the indictment, Council Jr., who went by online aliases such as “Ronin,” “Easymunny” and “AGiantSchnauzer,” obtained personal information and an ID template with a victim’s details from his scheming partners. He then produced a fake ID with his own card printer and used the fake ID to acquire a SIM card linked to the victim’s phone at a cell provider store in Huntsville, Alabama.
After purchasing an iPhone with cash, he used the phone and SIM card to retrieve access codes for the SEC’s X account. He passed these codes to his co-conspirators, who used the codes to post a fraudulent X post about the ETFs’ approval. In return, Council Jr. received a payment in Bitcoin. Soon after, he drove to Birmingham to return the iPhone for cash.
As per the FBI probe, the hacker later conducted internet searches for “SECGOV hack,” “Telegram sim swap,” “how can I know for sure if I am being investigated by the FBI,” and “What are the signs that you are under investigation by law enforcement or the FBI even if you have not been contacted by them.”
Council Jr. is accused of unlawfully gaining access to the SEC’s X account by using the stolen identity of an authorized individual to take control of their phone number. According to principal deputy assistant attorney general Nicole M. Argentieri:
“Council, Jr.’s co-conspirators then allegedly used this unauthorized access to the X account to falsely announce that the SEC had approved listing Bitcoin ETFs, which caused the price of Bitcoin to rise by $1,000 and then fall by $2,000. Council’s indictment underscores the Criminal Division’s commitment to countering cybercrime, especially when it threatens the integrity of financial markets.”
Just a day following the dramatic incident, the SEC approved the debut of 11 Bitcoin ETFs on Wall Street. Combined, the funds currently hold over $63.5 billion in assets under management.
This is a developing story, and further information will be added as it becomes available.