A hacker arrested in October 2024 in connection with the hack on the Securities and Exchange Commission’s (SEC) X account has now pleaded guilty.
Eric Council Jr. pleaded guilty in court on Monday to hacking the SEC’s X account, which artificially inflated the value of bitcoin (BTC).
Council, alongside other hackers, accessed the account they posed as then-SEC Chairman Gary Gensler and announced the highly anticipated Exchange-Traded Fund (ETF).
This announcement was huge as the SEC-backed ETF would aid in the mainstream adoption and investment of BTC.
As expected, the value of BTC shot up by more than $1,000 per BTC until the SEC managed to take back control of its account and announced the hack, which caused BTC to plummet by more than $2,000.
The @SECGov X account was compromised, and an unauthorized post was posted. The SEC has not approved the listing and trading of spot bitcoin exchange-traded products.
undefined U.S. Securities and Exchange Commission (@SECGov) January 9, 2024
The fake post got more than a million views in less than 30 minutes before it was then taken down.
The post read: “Today the SEC grants approval for #bitcoin ETFs for listing on all registered national securities exchanges.” Immediately after the post, the price of BTC increased by more than $1,000 per bitcoin.
Later that week, the SEC did approve rule changes that allowed bitcoin ETFs in the US.
SIM swapping attack
Council carried out a SIM swapping attack, which allowed the hackers to obtain access to the SEC’s X account, according to the Department of Justice (DOJ).
SIM swapping is a technique in which attackers gain control of a telephone number by tricking the service provider into reassigning it to a new device (and new SIM card) that they control.
According to digital security provider Avast, the main aim of SIM swapping is usually to exploit two-factor authentication to gain fraudulent access to an account.
Council used an ID card printer to create a fake ID with the personally identifiable information (PII) of the person whose SIM they reassigned.
The DOJ said the hacker then pretended to be the victim to gain access to their device and access the SEC’s X account.
Council was paid in BTC by his co-conspirators for his role in the hack.
Since Council has pleaded guilty to conspiracy to commit aggravated identity theft and access device fraud, he faces a maximum of five years in prison.
Your email address will not be published. Required fields are markedmarked