FBI Arrests Hacker Behind Fake Bitcoin ETF Announcement on SEC’s X Account

Eric Council Jr., a 25-year-old man from Athens, Alabama, has been arrested by the Federal Bureau of Investigation (FBI) for his involvement in a high-profile hack of the Securities and Exchange Commission's (SEC) official X account in January 2024.

The hack resulted in a fraudulent announcement claiming the approval of the first Bitcoin Exchange-Traded Funds (ETFs) in the U.S., causing widespread disruption in the cryptocurrency market.

Charges and Arrest

Council Jr. faces multiple charges, including conspiracy to commit aggravated identity theft and access device fraud, according to an FBI statement on Oct. 17. Federal authorities revealed that Council Jr. was part of a group responsible for the attack on the SEC's X account, which occurred on Jan. 9, 2024. The fake post announced the SEC’s approval of Bitcoin ETFs, causing Bitcoin’s price to spike by over $1,000 within minutes.

Fake Announcement and Market Impact

The false news sent shockwaves through the crypto markets, with investors reacting swiftly to the announcement.

SEC Chair Gary Gensler promptly denied the claim, confirming that the commission had not approved any spot Bitcoin ETFs and that the regulator's X account had been compromised. Within 15 minutes of the fake post, the SEC clarified the situation, preventing further market confusion.

Hacking Method: SIM Swap Attack

Council Jr. and his co-conspirators gained access to the SEC’s X account through a SIM swap attack. This technique allowed the hacker to take control of a victim’s phone number by transferring it to their own SIM card.

By bypassing two-factor authentication, they were able to access sensitive accounts. U.S. Attorney Matthew Graves emphasized the dangers of SIM swapping, which often leads to severe financial losses and exposure of personal information.

The Scheme

According to the indictment, Council Jr., who used aliases such as "Ronin," "Easymunny," and "AGiantSchnauzer," obtained personal information and ID templates from his co-conspirators.

Using these details, he created a fake ID and acquired a SIM card linked to the victim’s phone number from a store in Huntsville, Alabama. With the SIM card and a newly purchased iPhone, he retrieved the access codes needed to hack the SEC’s X account. He then passed the codes to his co-conspirators, who used them to post the fraudulent message about Bitcoin ETFs. In exchange, Council Jr. received payment in Bitcoin.

Following the hack, Council Jr. returned the iPhone for cash in Birmingham, adding another layer to the scheme. Investigations later uncovered suspicious internet searches conducted by Council Jr., including queries about hacking the SEC and how to detect if he was being investigated by the FBI.

Legal Consequences

The FBI investigation revealed that Council Jr. had unlawfully used the stolen identity of an authorized individual to gain control of the SEC’s X account. Nicole M. Argentieri, principal deputy assistant attorney general, confirmed that the charges reflect the seriousness of the attack, as it not only disrupted markets but also highlighted the vulnerabilities in digital platforms.

Council Jr. now faces serious legal consequences for his role in the scheme, as federal authorities continue to combat cybercrime in the evolving cryptocurrency landscape.