Hacker pleads guilty to SIM swap attack on US SEC X account

Today, an Alabama man pleaded guilty to hijacking the U.S. Securities and Exchange Commission (SEC) account on X in a January 2024 SIM swapping attack.

This comes after the defendant, 25-year-old Eric Council Jr., first pleaded not guilty to hacking the account and enabling his co-conspirators to make a fake announcement that Bitcoin ETFs were approved.

"Today the SEC grants approval to Bitcoin ETFs for listing on registered national security exchanges. The approved Bitcoin ETFs will be subject to ongoing surveillance and compliance measures to ensure continued investor protection," read the fake post on X.

Council's fraudulent post caused Bitcoin to jump up in price by $1,000 and just as quickly plummetted by $2,000 after SEC Chairperson Gary Gensler tweeted that the SEC account had been hijacked and the Bitcoin ETF approval announcement was fake.

​The SEC confirmed the next day that the @SECGov X account was compromised through a SIM-swapping attack targeting the phone number of the person in charge of the X account.

This allowed the defendant to gain control over their phone number, reset the password for the account to post the fake announcement, and enable others part of the same scheme (who paid him $50,000 in Bitcoin) to access the compromised account and post the fake announcement.

"As part of the scheme, Council used an identification card printer to create a fraudulent identification card with a victim's personally identifiable information obtained from his co-conspirators," the Justice Department said.

"Council used the fraudulent identification card to impersonate the victim and gain access to the victim's cellular phone number for the purpose of accessing the SEC's account."

Court documents also show that Council used his personal computer to search for information related to the attack and expressed his concerns that the FBI was investigating him.

Among these searches, investigators found that the defendant was looking for details on "what are the signs that you are under investigation by law enforcement of the FBI even if you have not been contacted by them" and "how can i know for sure if I am being investigate by the FBI."

Council is scheduled to be sentenced on May 16 and faces a maximum penalty of five years in prison after pleading guilty to conspiracy to commit aggravated identity theft and access device fraud.