Eric Council Jr. pleaded guilty to hacking the SEC’s X account to post a fake Bitcoin ETF approval, briefly spiking Bitcoin prices. He faces up to five years in prison.
Eric Council Jr., a 25-year-old from Athens, Alabama, pleaded guilty to aggravated identity theft and access device fraud in connection with the January 2024 hacking of the U.S. Securities and Exchange Commission’s (SEC) social media account. The breach resulted in a false announcement of Bitcoin exchange-traded fund (ETF) approvals, causing Bitcoin prices to surge before the misinformation was corrected.
Fake SEC Bitcoin ETF Announcement Triggered Market Surge
According to court documents, Council and his co-conspirators executed a SIM swap attack, a technique that allowed them to gain control of the SEC’s X (formerly Twitter) account. By using a fake ID, Council tricked a cellphone store employee into providing a SIM card linked to an SEC-affiliated phone number. Once they gained access, the hackers posted a fraudulent message claiming the SEC had approved multiple Bitcoin ETFs.
The unauthorized post, published under then-SEC Chair Gary Gensler’s name, stated:
Today the SEC grants approval for #Bitcoin ETFs for listing on all registered national securities exchanges.
The false announcement led to a rapid $1,000 spike in Bitcoin prices, as traders reacted to the misleading information. However, the SEC quickly regained control of its account and issued a correction, prompting a $2,000 drop in Bitcoin’s value.
Alabama Man Faces Up to Five Years in Prison
Council was arrested in October 2024 and admitted to his role in the scheme. Prosecutors revealed that he received at least $50,000 from the fraudulent operation. His guilty plea means he faces up to five years in federal prison, a $250,000 fine, and three years of supervised release.
He is scheduled for sentencing on May 16, 2025.
SEC Strengthens Cybersecurity After Breach
Following the hack, the SEC acknowledged that multi-factor authentication (MFA) had been disabled on its social media accounts due to access issues. The agency has since implemented enhanced security measures, including MFA on all accounts, to prevent future unauthorized access.
Cybersecurity Experts Warn of Growing SIM Swap Threats
The case highlights the growing risk of SIM swap attacks, which have been used in multiple high-profile hacks. Authorities continue to investigate cybercrimes that manipulate financial markets, emphasizing the importance of digital security measures for government agencies, corporations, and individuals.
Stay Informed on Cybersecurity Best Practices
For tips on protecting against SIM swap fraud and online account takeovers, visit the Federal Trade Commission’s guide.
