Sim Swap: Arrest made in SEC hack resulting in bitcoin price spike
SIM swapping is a global threat that demands urgent attention from telecom operators and regulators. Cybercriminals exploit weak security in mobile networks, bypassing authentication to steal identities, access sensitive data, and cause financial damage.
WASHINGTON – Eric Council Jr., 25, of Athens, Alabama, was arrested today for his role in a January 2024 scheme involving the unauthorized takeover of the U.S. Securities and Exchange Commission’s (SEC) X account, formerly Twitter. Hackers posted a fake message under the SEC Chair's name, causing the value of Bitcoin to spike by $1,000. The FBI identified that the unauthorized access was gained via a SIM swap attack, a growing form of identity theft with severe financial and data risks. Council is expected to make his first court appearance today in the Northern District of Alabama.
Council faces charges of conspiracy to commit aggravated identity theft and access device fraud. The SIM swap method used by the attackers allows criminals to control a victim’s phone number, bypassing security protections like two-step verification. This access to sensitive accounts resulted in a fake post from the SEC Chair, claiming the approval of Bitcoin ETFs. The announcement briefly sent Bitcoin prices surging before the SEC regained control, leading to a $2,000 price drop as the market corrected itself.
"SIM swapping poses a significant threat to individuals and financial systems alike," said U.S. Attorney Matthew Graves. "It allows criminals to gain access to personal data, sensitive information, and even manipulate markets, as we saw in this case."
Council’s case highlights the increasing use of SIM swapping in cybercrime, which has led to millions of dollars in financial losses and compromised personal data. Principal Deputy Assistant Attorney General Nicole Argentieri emphasized the Justice Department’s focus on combating such cyber-enabled frauds, especially those that threaten the integrity of financial markets. "This indictment underscores the need for strong cybersecurity measures and continued efforts to hold perpetrators accountable," she said.
The FBI and SEC’s joint investigation revealed that Council, using a fake ID created from stolen personal identifying information, obtained a SIM card linked to a victim with access to the SEC’s X account. After purchasing a new phone, Council and his co-conspirators used the SIM card to retrieve account access codes and post the fraudulent message. Council received payment in Bitcoin for his role in the attack.
The FBI and SEC are continuing to investigate the broader implications of SIM swapping in market manipulation cases. This case is being prosecuted by Assistant U.S. Attorney Kevin Rosenberg, along with Justice Department attorneys Ashley Pungello, Paul Zebb, and Lauren Archer.
The arrest underscores the growing need for companies and individuals to secure their data and communications from these attacks, which remain a prevalent method for criminals to bypass digital safeguards.
