A 25-year-old man from Athens, Georgia, has been arrested in connection with a significant hack of the U.S. Securities and Exchange Commission’s (SEC) X account, according to court documents. Eric Council Jr. is alleged to have searched online for information related to law enforcement investigations, including queries such as “how can I know for sure if I am being investigated by the FBI” and “signs that you are under investigation by law enforcement… even if you have not been contacted by them.”
Council is accused of being part of a group that hacked the SEC’s social media account in January, where they posted false information about Bitcoin. This misleading post claimed that the SEC had approved Bitcoin for inclusion in mainstream investment funds, causing the cryptocurrency’s value to spike by approximately $1,000 (£770) before plummeting by $2,000 once the falsehood was revealed.
The SEC had previously admitted that a key security measure for accessing its X account had been removed. Following the hack, the agency later moved to approve Bitcoin for mainstream investment through spot Bitcoin exchange-traded funds, though this approval came after the incident had already impacted the market.
Court documents indicate that Council operated under various online aliases, including Ronin, Easymunny, and AGiantSchnauzer. He allegedly searched terms such as “SECGOV hack” and “Telegram sim swap,” as well as legal inquiries about the “federal identity theft statute” and “how long does it take to delete a Telegram account.” Telegram is a messaging platform with over 950 million monthly active users.
The hack of the SEC’s account was executed through a SIM swap attack, a method where a fraudster convinces a mobile carrier to transfer an existing phone number to a new SIM card. Council is alleged to have created a fake identification using the details of an SEC employee, which were provided by his co-conspirators. He then reportedly used this information to have the employee’s mobile number transferred to a new SIM card, allowing access to the SEC’s X account through codes sent to the compromised phone.
Prior to the hack, SEC staff had requested the suspension of multi-factor authentication (MFA) on their account, a crucial security feature that helps verify user identity. After the breach, the SEC re-enabled MFA to bolster security.
Eric Council Jr. has been charged with one count of conspiracy to commit aggravated identity theft and access device fraud. If convicted, he could face up to five years in prison.
