TLDR
- Eric Council Jr. got 14 months for hacking the SEC’s X account and posting a fake Bitcoin ETF approval.
- He used SIM swapping and fake IDs to steal access and manipulate Bitcoin prices.
- The fake post briefly pushed Bitcoin up $1,000 before a quick drop.
- The case shows rising cyber risks in financial markets and weak security.
- DOJ and FBI prosecuted him to stop digital fraud and protect market trust.
A federal court sentenced an Alabama man to 14 months in prison and three years of supervised release for his role in a fake Bitcoin ETF announcement made through the hacked SEC social media account on 24 January 2024. The case involved a SIM swap attack that compromised the SEC’s official X account and triggered a sharp but brief spike in Bitcoin prices. Eric Council Jr., pleaded guilty in February to conspiracy charges involving identity theft and access device fraud.
Fraudulent Announcement Shakes Market
Eric Council Jr., 26, from Huntsville, Alabama, executed a SIM swap that gave him access to a phone number tied to the SEC’s X account. He used a fake ID created with stolen information to impersonate the victim tied to that phone number. Once access was secured, his co-conspirators used the account to publish a false post claiming the SEC had approved Bitcoin ETF listings.
The post led to an immediate surge in Bitcoin’s price, rising by over $1,000 within minutes. However, the SEC quickly corrected the misinformation, and Bitcoin dropped by more than $2,000 shortly after. Council received Bitcoin payments from his co-conspirators as compensation for his role in the scheme.
Authorities emphasized that this coordinated fraud aimed to manipulate markets using fake digital asset news. Council’s sentencing followed an investigation led by the FBI and the SEC’s Office of Inspector General. The announcement served as a warning that tampering with financial communications carries serious consequences.
SIM Swap Enabled Unauthorized Access
The scheme hinged on a Subscriber Identity Module (SIM) swap, a growing cybercrime tactic used to hijack phone numbers. Council obtained personal data from co-conspirators, used an ID printer to make a forged identification card, and successfully posed as the phone number’s rightful owner. This tactic granted him control of the victim’s number, which was tied to the SEC’s social media account.
The group bypassed two-factor authentication tied to the SEC’s X account. With the account in hand, they impersonated the SEC Chairman and posted a fake Bitcoin ETF approval notice. The coordinated timing and knowledge of crypto markets suggest a calculated attempt to profit from rapid price shifts in Bitcoin.
Officials noted that such schemes threaten public trust in financial information sources and pose serious cybersecurity risks. Law enforcement agencies involved stressed that the case highlights how advanced fraud methods are used to exploit digital platforms. The sentence aims to deter similar crimes targeting public institutions and financial systems.
Federal Response and Legal Action
The Department of Justice prosecuted the case through its Computer Crime and Intellectual Property Section and Fraud Section. Prosecutors charged Council with conspiracy to commit aggravated identity theft and access device fraud. Trial attorneys from the Justice Department and Assistant U.S. Attorney Kevin Rosenberg led the case in the District of Columbia.
The SEC and FBI emphasized their commitment to securing government accounts and protecting the integrity of financial information. Both agencies confirmed their ongoing cooperation to prevent further breaches and hold offenders accountable. The case sets a precedent for prosecuting digital asset manipulation involving public agencies.
