An Alabama man who SIM-swapped his way into the SEC’s official X account, enabling a fake ETF announcement that briefly pumped Bitcoin, has been sentenced to 14 months in prison and three years of supervised release.
Prior to his conviction and sentencing on Friday, Eric Council Jr., 26, of Huntsville, Alabama, proved once again that cybercriminals are very bad at internet search hygiene.
Council used his personal computer to search “SECGOV hack,” “telegram sim swap,” “how can I know for sure if I am being investigated by the FBI,” “Federal identity theft statute,” and other incriminating phrases, according to court documents [PDF].
The 26-year-old pleaded guilty in February to conspiracy to commit aggravated identity theft and access device fraud after he and others took over the SEC’s X account in January 2024. The crew used the compromised account to post a message that purported to come from then-SEC chair Gary Gensler and falsely announced that the government had approved Bitcoin exchange-traded funds (ETFs).
According to the DOJ, the hoax message triggered a jump of more than $1,000 in Bitcoin’s price. After the federal regulator regained control of the compromised account and posted a retraction, the value dropped by over $2,000.
Council and his co-conspirator compromised the social media account via SIM-swapping someone who had access to the SEC’s X account. SIM swapping is a scam where crooks trick a mobile carrier into transferring a victim’s number to a SIM they control, letting them hijack calls, texts, and login codes. The court documents identify the victim as “C.L.,” and detail how Council tricked an employee at an AT&T store in Huntsville.
In early January 2024, Council obtained the victim C.L.’s personal information from co-conspirators and used it to create a fake ID with the help of an ID card printer.
He showed an in-store AT&T employee the phony ID, told the worker that he was an FBI employee who had broken his phone and needed a new SIM card, and then obtained a new SIM card linked to C.L.’s account.
Council then visited a nearby Apple store, bought an iPhone, and put the C.L. SIM card into this new mobile phone to receive two-factor security reset codes associated with the @SECGov X account.
He shared the reset code with his co-conspirator, who used it to access the SEC’s X account and post a false announcement about the approval of Bitcoin ETFs. Following this, Council returned the iPhone for a cash refund.
“The deliberate takeover of a federal agency’s official communications platform was a calculated criminal act meant to deceive the public and manipulate financial markets,” said FBI Criminal Investigative Division Acting Assistant Director Darren Cox in a statement after the sentencing.
“By spreading false information to influence the markets, Council attempted to erode public trust and exploit the financial system,” he continued. “Today’s sentencing makes clear that anyone who abuses public platforms for criminal gain will be held accountable.” ®
