Man Who Hacked SEC’s X Account Pleads Guilty

The hacker who hijacked the U.S. Securities and Exchange Commission’s (SEC) X account and posted false information about cryptocurrency regulations has pleaded guilty and now faces a maximum sentence of five years in prison, as first reported by The Record.

Eric Council Jr., a 25-year-old from Athens, Alabama, admitted to conspiracy to commit aggravated identity theft and access device fraud in a plea deal entered on Monday. His sentencing is scheduled for May 16.

Council was arrested in October following an FBI investigation into the January 2024 breach, which briefly sent the price of bitcoin surging.

The SEC’s X account was compromised and used to post false claims about the approval of cryptocurrency exchange-traded funds (ETFs), misleading investors and triggering market fluctuations.

According to prosecutors, Council and his co-conspirators took over the SEC’s account using a Subscriber Identity Module (SIM) swap.

This tactic involves tricking a phone carrier into transferring a phone number from its rightful owner to a hacker’s SIM card. Once in control of the number, the hackers could reset passwords and access social media accounts.

The Record reports that the Justice Department stated that Council used forged identification documents to conduct the SIM swap. He allegedly created a fake ID with his own face but another person’s name and used it at an AT&T store in Huntsville, Alabama, claiming to be an FBI employee who had lost his phone.

After acquiring the new SIM card, he purchased an iPhone, inserted the SIM, and received two-factor authentication codes needed to seize control of the @SECGov account on X.

Later that day, Council returned the iPhone at another Apple store in Birmingham.

Court records also reveal that Council searched online for “SECGOV hack,” “how can I know for sure I am being investigated by the FBI,” and “how long does it take to delete telegram account,” as reported by The Record.

X confirmed at the time that the breach resulted from unauthorized access to a phone number linked to the SEC’s account rather than a direct security failure on X’s part. However, the indictment contradicts X’s claim that the account lacked two-factor authentication.

Prosecutors suspect Council and his associates were attempting to manipulate the cryptocurrency market.

The false tweet caused bitcoin’s price to spike by $1,000 before the SEC clarified the information was incorrect, sending the price tumbling by $2,000. Council was paid in bitcoin by his accomplices.

The Record notes that X continues to struggle with securing high-profile accounts from cryptocurrency-related hacks.

“The platform in question has become increasingly vulnerable to abuse, while simultaneously serving as a critical media tool for influencers, brands, and even governments,” said Tom Hegel, principal threat researcher at SentinelLabs, following a recent report on account takeovers.

Hegel noted that financial incentives for these attacks have grown, while security weaknesses persist. Recent high-profile breaches include attacks on accounts belonging to the Tor Project, NASDAQ, and others.