Federal authorities have arrested an Alabama man in connection with a January 2024 cyberattack that targeted the U.S. Securities and Exchange Commission’s (SEC) Twitter account. Eric Council Jr., 25, of Athens, Alabama, was taken into custody this morning and is facing charges of conspiracy to commit aggravated identity theft and access device fraud.

Hacker Searched Google for How to Know If You’re Being Investigated by the FBI

According to the indictment, Council and his co-conspirators executed a SIM swap attack to gain unauthorized control of the @SECGov Twitter account. By impersonating the SEC Chair, they posted a fake announcement claiming the SEC had approved $BTC ETFs for listing on all registered national securities exchanges. This fraudulent tweet caused a significant spike in the price of Bitcoin, followed by a sharp decline after the SEC quickly corrected the false information.

The SIM swap attack involved tricking a cell phone carrier into transferring the victim’s phone number to a SIM card controlled by the attackers. This allowed them to bypass multi-factor authentication and access the SEC’s Twitter account.

U.S. Attorney Matthew M. Graves emphasized the seriousness of the crime, stating, “These SIM swapping schemes can result in devastating financial losses and leaks of sensitive personal information.” He added that the Department of Justice is committed to holding cybercriminals accountable for their actions.

Principal Deputy Assistant Attorney General Nicole M. Argentieri highlighted the potential consequences of such attacks, stating, “Council, Jr.’s co-conspirators then allegedly used this unauthorized access to the X account to falsely announce that the SEC had approved listing Bitcoin ETFs, which caused the price of Bitcoin to rise by $1,000 and then fall by $2,000.”

The FBI’s Acting Special Agent in Charge, David Geist, praised the collaboration between law enforcement agencies in investigating and arresting Council. He emphasized the FBI’s commitment to combating cybercrime and protecting the integrity of financial markets.

SEC Inspector General Deborah Jeffrey also expressed satisfaction with the arrest, stating, “Today’s arrest demonstrates our commitment to holding bad actors accountable for undermining the integrity of the financial markets.”

The indictment details Council’s involvement in the SIM swap attack, including his use of fake identification and his efforts to conceal his tracks after the crime. It also highlights his online activities and his attempts to research information related to cybercrime investigations.