An Alabama man has been charged over the January hack of the US Securities and Exchange Commission’s X account ahead of its highly anticipated decision on approving a spot-Bitcoin exchange traded fund.
Federal Bureau of Investigation agents arrested Eric Council Jr. on Thursday morning and charged the 25-year-old with conspiring to commit aggravated identity theft, according to a statement from the US Justice Department.
Council allegedly used the stolen personal information of an unnamed victim as well as an iPhone to break through the X account’s security measures, according to the indictment. The alleged scheme at one point involved Council impersonating an FBI employee who lost his phone, the government says.
The SEC’s account on X, formerly Twitter, was hacked in early January, just a day before it was set to announce approval of the first-ever spot market Bitcoin exchange traded products. The hacker took control of the agency’s official account and posted a message that said the SEC had granted approval to a handful of companies’ applications to trade the products.
The approval of the ETFs, which followed a long legal fight between the SEC and the issuer of one of the funds, was one of the most eagerly anticipated events ever in the digital-asset industry. The green light from the regulator helped push the original cryptocurrency to a record high of $73,797 in March. The funds have seen more than $20 billion of inflows and collectively now hold about $64.5 billion worth of assets, according to data compiled by Bloomberg.
The fake post with the premature approval caused the price of Bitcoin to surge $1,000, the Justice Department said. Once the SEC regained control of its X account and revealed the post was fake, Bitcoin fell by $2,000, according to the statement.
“The SEC thanks law enforcement for their vigilance in seeking accountability for those responsible for the breach of the SEC’s X account,” a spokesperson for the agency said in a statement.
Prosecutors say Council gained access to the SEC account using a so-called SIM swap, which is when hackers fraudulently activate a victim’s phone number on a different device in order to intercept their phone calls and messages. This allows hackers to receive multi-factor authentication codes when trying to reset a victim’s email, social media or cryptocurrency exchange account.
The SEC hack allegedly began on Jan. 9, when co-conspirators using encrypted text messages sent Council the victim’s personal identifying information, as well as a template for the victim’s identification card. Council allegedly used an identity card printer to create a fake ID for the victim, according to the indictment.
With the fake ID in hand, Council allegedly traveled to an AT&T store in Huntsville, Alabama, to get a SIM card linked to the victim’s account. Council then walked to an Apple store to buy a new iPhone for the swap, according to the indictment.
As soon as access to the victim’s phone was granted, the co-conspirators generated access codes to the victim’s social media accounts and shared them with additional co-conspirators, according to the indictment.
The fake post was issued by one of the unnamed co-conspirators, according to the indictment. Once that was done, Council allegedly drove to a service provider’s store in Birmingham, Alabama, to return the iPhone for cash.
The case is US v. Council, US District Court, District of Columbia (Washington).
The firm reported record advisor count, strong organic growth.
New survey finds varied levels of loyalty to advisors by generation.
Busy day for results, key data give markets concerns.
Incorrect data may have impacted decisions of short-sellers.
Zuckerberg warns investors to expect more losses.
A great man died recently, but this did not make headlines. In fact, it barely even made the news. Maybe it’s because many have already mourned the departure of his greatest legacy: the 60/40 portfolio.
Discover the award-winning strategies behind Destiny Wealth Partners' client-centric approach.