FBI officials arrested an Alabama man Thursday for allegedly hacking the Securities and Exchange Commission’s X account this year as part of an attempt to promote bitcoin.
Eric Council Jr., 25, was slated to appear Thursday in the U.S. District Court for the Northern District of Alabama on charges of conspiracy to commit aggravated identity theft and access device fraud, prosecutors said. Federal prosecutors allege that Council and other conspirators took over the identity of a person with access to the SEC’s X account by executing a SIM swap, which fraudulently reassigns a cellphone number to another phone.
The Jan. 9 hack took control of the X account @SECGov and a message was posted that the agency had approved bitcoin exchange-traded funds for listing on national exchanges. The post attracted millions of views and caused the price of bitcoin to spike by more than $1,000. Later that week, the SEC approvedrule changes that allowed bitcoin exchange-traded funds in the United States.
Shortly after the attack, SEC chair Gary Gensler posted on X thatthe statement was false. The SEC then regained control of its account, which sent the price of bitcoin plummeting by $2,000.
Prosecutors allege that co-conspirators provided Council with the identifying information of a person with access to the SEC’s X account. Council then allegedly created a fake ID to gain access to the person’s cellphone account and obtain a new SIM card that linked to it. He then bought a new iPhone in Huntsville, Ala., to initiate the SIM swap. Council subsequently shared access codes to the SEC’s X account with co-conspirators, who posted the false tweet, prosecutors allege.
Council, who used the online handles “Ronin,” “Easymunny” and “AGiantSchnauzer,” was paid in bitcoin for the SIM swap, prosecutors allege. Shortly after completing the hack, Council allegedly drove to Birmingham, Ala., and returned the iPhone involved in the SIM swap for cash.
Council later conducted internet searches for “SECGOV hack,” “telegram sim swap,” “how can I know for sure if I am being investigated by the FBI” and “What are the signs that you are under investigation by law enforcement or the FBI even if you have not been contacted by them,” prosecutors allege.
The hack reignited concerns about security on X, which for years has faced breaches that resulted in takeovers of high-profile accounts and multiple whistleblower complaints.
SIM swaps are often executed to bypass multifactor authentication, or two-step verification, which can add an extra layer of security to the authentication process for online accounts, prosecutors said Thursday. That was a problem highlighted by X’s account for safety matters shortly after the hack, when it posted that the SEC’s account did not have two-factor authentication authorized “at the time the account was compromised.”