An Alabama man was arrested by the FBI this morning in Athens, Alabama, on charges related to the January hack of the Securities and Exchange Commission (SEC)’s social media account on X, formerly known as Twitter.
According to court documents, on or about Jan. 9, Eric Council Jr., 25, of Athens, allegedly conspired with others to take unauthorized control of the SEC’s X account and, in the name of SEC Chair Gary Gensler, prematurely announced the approval of bitcoin Exchange Traded Funds. Immediately following the false announcement, the price of bitcoin increased by more than $1,000 per bitcoin. Shortly after this unauthorized post, the SEC regained control over its X account and confirmed that the announcement was unauthorized and the result of a security breach. Following this corrective disclosure, the value of BTC decreased by more than $2,000 per bitcoin.
The conspirators gained control of the SEC’s X account through an unauthorized Subscriber Identity Module (SIM) swap, allegedly carried out by Council. A SIM swap refers to the process of fraudulently inducing a cell phone carrier to reassign a cell phone number from the legitimate subscriber or user’s SIM card to a SIM card controlled by a criminal actor. As part of the scheme, Council and the co-conspirators allegedly created a fraudulent identification document in the victim’s name, which Council used to impersonate the victim; took over the victim’s cellular telephone account; and accessed the online social media account linked to the victim’s cellular phone number for the purpose of accessing the SEC’s X account and generating the fraudulent post in the name of SEC Chairman Gensler.
“The indictment alleges that Eric Council Jr. unlawfully accessed the SEC’s account on X by using the stolen identity of a person who had access to the account to take over their cellphone number,” said Principal Deputy Assistant Attorney General Nicole M. Argentieri, head of the Justice Department’s Criminal Division. “Council’s co-conspirators then allegedly used this unauthorized access to the X account to falsely announce that the SEC had approved listing bitcoin ETFs, which caused the price of bitcoin to rise by $1,000 and then fall by $2,000. Council’s indictment underscores the Criminal Division’s commitment to countering cybercrime, especially when it threatens the integrity of financial markets.”
“These SIM swapping schemes, where fraudsters trick service providers into giving them control of unsuspecting victims’ phones, can result in devastating financial losses to victims and leaks of sensitive personal and private information,” said U.S. Attorney Matthew M. Graves for the District of Columbia. “Here, the conspirators allegedly used their illegal access to a phone to manipulate financial markets. Through indictments like this, we will hold accountable those who commit these serious crimes.”
“The defendant allegedly deceived the public by impersonating the victim and making fraudulent statements on behalf of the SEC,” said Assistant Director Chad Yarbrough of the FBI Criminal Investigative Division. “The FBI and our partners will continue to investigate and hold accountable those who attempt to manipulate financial markets for their own gain.”
“The FBI works to identify, disrupt, and investigate cyber-enabled frauds, including SIM swapping,” said Acting Special Agent in Charge David E. Geist of the FBI Washington Field Office Criminal and Cyber Division. “SIM swapping is a method bad actors exploit to illicitly access sensitive information of an individual or company, with the intent of perpetrating a crime. In this case, the unauthorized actor allegedly utilized SIM swapping to manipulate the global financial market. The FBI will continue to work tirelessly with our law enforcement partners around the country and globe to hold accountable those who break U.S. laws.”
“This criminal indictment demonstrates our commitment to holding bad actors accountable for undermining the integrity of the financial markets,” said Inspector General Deborah Jeffrey of the SEC.
A federal grand jury in the District of Columbia returned an indictment on Oct. 10 charging Council with one count of conspiracy to commit aggravated identity theft and access device fraud. If convicted, he faces a maximum penalty of five years in prison. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.
The FBI Washington Field Office and SEC Office of Inspector General are investigating the case.
Trial Attorney Ashley Pungello of the Criminal Division’s Computer Crime and Intellectual Property Section, Trial Attorney Lauren Archer of the Criminal Division’s Fraud Section, and Assistant U.S. Attorney Kevin Rosenberg for the District of Columbia are prosecuting the case.
For more information on SIM swapping, go to www.ic3.gov/PSA/2024/PSA240411.
An indictment is merely an allegation. All defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.