By: Eva Baxter
The FBI has arrested Eric Council Jr., a 25-year-old from Athens, Alabama, in connection with the hacking of the US Securities and Exchange Commission (SEC)'s social media account. The unauthorized access was used to disseminate a fraudulent message about the approval of spot Bitcoin exchange-traded funds (ETFs), causing a significant but temporary surge in Bitcoin's price. The fake announcement briefly drove Bitcoin's value up by $1,000, only to see a $2,000 decline after the SEC regained control and corrected the misinformation.
The attack was executed through a SIM swap, a social engineering technique that involves manipulating a victim's phone number to gain access to secured accounts. By forging a fake ID, Council and his associates were able to conduct the SIM swap and access the SEC's Twitter account. It was found that payment for this cyber operation was rendered in Bitcoin, with Council quickly returning the equipment used after posting the misleading message.
This incident highlights ongoing threats posed by SIM swap attacks, which have been used in various high-profile cryptocurrency thefts. For instance, in 2017, investor Michael Terpin lost $24 million in digital currency because of a similar attack. Additionally, between March 2021 and April 2023, an alleged group of fraudsters stole over $400 million using the same technique to gain access to crypto wallets.
U.S. Attorney Matthew M. Graves stressed the commitment of authorities to hold cybercriminals accountable, emphasizing the importance of maintaining market integrity against such manipulative threats. The investigation was led by the Justice Department, the FBI, and the SEC's Office of Inspector General, reinforcing cooperative efforts to combat cybercrime and protect digital infrastructures in the financial sector.