An Alabama man has admitted in court to hacking the X (formerly Twitter) account of the US Securities and Exchange Commission (SEC).
The man, Eric Council Jr., 25, pled guilty to conspiring with others to take over the account and post a fraudulent message related to Bitcoin. He was arrested in October 2024.
The incident occurred in January 2024, and resulted in a temporary increase in the value of Bitcoin by over $1,000, after the message posted using the compromised account claimed that the SEC approved the trading of exchange-traded funds holding Bitcoin.
After regaining control of the account, the SEC confirmed that the account had been briefly compromised and that the announcement was false. This led to the value of Bitcoin decreasing by more than $2,000.
To take over the SEC’s X account, Council carried out a SIM swapping attack. Using stolen personally identifiable information provided by co-conspirators, he printed a fake identification card which he used to impersonate the victim in relation to their wireless carrier, AT&T.
Council traveled to an AT&T store and to other stores where, claiming to be an FBI employee, convinced the staff to reassign the victim’s phone number to a SIM card in Council’s possession.
Council and his co-conspirators then used the phone number to generate reset codes for the SEC account linked to the phone number, accessed the account, and posted in the name of the SEC chairman.
According to court documents, Council received payment in Bitcoin and other cryptocurrency for his role in the SIM swapping scheme.
The defendant pleaded guilty to conspiracy to commit aggravated identity theft and access device fraud. He faces up to five years in prison and is scheduled for sentencing on May 16.
Related: Man Sentenced to Prison for Stealing Millions in Cryptocurrency via SIM Swapping
Related: 3 Cryptocurrency Firms Suffer Data Breach After Kroll SIM Swapping Attack
Related: Google Fi Data Breach Reportedly Led to SIM Swapping
