Alabama Man Charged With Hacking SEC’s X Account—Causing Bitcoin To Spike

by · Forbes

Topline

An Alabama resident was arrested on Thursday for allegedly hacking the Securities and Exchange Commission’s X account earlier this year and posting a false claim about cryptocurrency, an incident that spiked the price of bitcoin by more than $1,000, the Justice Department announced.

A fake tweet announced the approval for the first spot bitcoin exchange-traded funds before the ... [+] agency regained control of its social media.NurPhoto via Getty Images

Key Facts

Eric Council Jr., 25, was arrested by the FBI and charged with one count of conspiracy to commit aggravated identity theft and access device fraud, according to the DOJ.

Prosecutors allege Council conspired with others to hack the SEC’s X account on Jan. 9 and prematurely announced the agency’s approval of bitcoin exchange-traded funds, which briefly increased the cryptocurrency’s price by more than $1,000.

The SEC subsequently regained control of its account, causing the price of bitcoin to fall by $2,000 (the agency later approved bitcoin ETFs).

Council gained control of the social media account through a “SIM swap”—fraudulently reassigning a cell phone number to another phone—while impersonating the person whose phone had control over the account, prosecutors claim.

An attorney listed for Council did not immediately respond to a request for comment.

What To Watch For

Council is scheduled to make his first court appearance later on Thursday. If convicted, he faces a maximum penalty of five years in prison, the DOJ said.

Key Background

In January, the SEC acknowledged through a series of announcements that its X account had been hacked to prematurely announce the agency’s approval for bitcoin ETFs. The agency said in the weeks after the incident that, after consulting with its telecom provider, the SEC determined its account was attacked by a “SIM swap.” The hack did not include access to the SEC’s systems, data, devices or other social media accounts, the agency said. Multi-factor authentication—requiring forms of verification to access an account—was removed from the account months earlier, the SEC said, though it was later added back to the account after the hack.

Further Reading