Arrest made in SEC hack resulting in bitcoin price spike



659f30d15f44e3.71201362 e1712262938586

The FBI arrested an Alabama man Thursday in connection with the January hack of the Securities and Exchange Commission’s (SEC) account on the social platform X that briefly caused the price of bitcoin to spike. 

Eric Council Jr. allegedly used a SIM swap attack to take control of the SEC’s account, which was then used by others to falsely claim that the agency had approved several exchange-traded funds (ETFs) holding bitcoin. 

The price of bitcoin jumped by more than $1,000 following the fraudulent post. After the SEC regained control of the account and clarified that it had not approved the funds, the price of bitcoin dropped by more than $2,000. 

The fake post came at a moment when the cryptocurrency industry eagerly awaited the SEC’s decision on bitcoin ETFs. The agency ultimately approved the funds just 24 hours later. 

“These SIM swapping schemes, where fraudsters trick service providers into giving them control of unsuspecting victims’ phones, can result in devastating financial losses to victims and leaks of sensitive personal and private information,” U.S. Attorney Matthew Graves said in a statement Thursday. 

“Here, the conspirators allegedly used their illegal access to a phone to manipulate financial markets,” he added. 

Council’s co-conspirators allegedly provided him with personal identifying information about an individual whose phone was connected to the SEC’s X account. He then created a fake ID, which he used to obtain a SIM card linked to this individual’s account. 

Once the SIM card was inserted into a new iPhone, Council was able to obtain two-factor security reset codes for the SEC’s X account, allowing his co-conspirators to gain access and post from the account, according to the indictment. 

The 25-year-old was charged with conspiracy to commit aggravated identity theft and access device fraud. 

The SEC faced scrutiny from lawmakers on both sides of the aisle in the wake of the hack, particularly after it was revealed that the agency did not have multifactor authentication enabled at the time.  



Source link

About The Author

Scroll to Top