Alabama Man Pleads Guilty in Connection with Securities and Exchange Commission X Account Hack

An Alabama man pleaded guilty today in connection with the January 2024 unauthorized takeover of the U.S. Securities and Exchange Commission (SEC)’s social media account on X, formerly known as Twitter, in which hackers posted a fraudulent message in the name of the then-SEC Chairman, temporarily causing the value of Bitcoin (BTC) to increase by more than $1,000.

According to court documents, Eric Council Jr., 25, of Athens, conspired with others who took unauthorized control of the SEC’s X account and falsely announced that the SEC approved BTC Exchange Traded Funds, a decision highly anticipated by the market. Immediately following the false announcement, the price of BTC increased by more than $1,000 per bitcoin. Shortly after this unauthorized post, the SEC regained control over its X account and confirmed that the announcement was false and the result of a security breach. Following the correction, the value of BTC decreased by more than $2,000 per bitcoin.

The conspirators gained control of the SEC’s X account through an unauthorized Subscriber Identity Module (SIM) swap carried out by Council. A SIM swap refers to the process of fraudulently inducing a cell phone carrier to reassign a cell phone number from the legitimate subscriber or user’s SIM card to a SIM card controlled by a criminal actor. As part of the scheme, Council used an identification card printer to create a fraudulent identification card with a victim’s personally identifiable information obtained from his co-conspirators. Council used the fraudulent identification card to impersonate the victim and gain access to the victim’s cellular phone number for the purpose of accessing the SEC’s account. Council’s co-conspirators then accessed the account and posted in the name of the SEC Chairman. Council received payment in bitcoin from his co-conspirators for his role.   

Council pleaded guilty to conspiracy to commit aggravated identity theft and access device fraud. He is scheduled to be sentenced on May 16 and faces a maximum penalty of five years in prison. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.

Supervisory Official Antoinette T. Bacon of the Justice Department’s Criminal Division; U.S. Attorney Edward R. Martin Jr. for the District of Columbia; Special Agent in Charge Sean Ryan of the FBI Washington Field Office, Criminal and Cyber Division; and SEC Inspector General Deborah Jeffrey made the announcement.

The FBI Washington Field Office and SEC Office of Inspector General are investigating the case.

Trial Attorney Ashley Pungello of the Criminal Division’s Computer Crime and Intellectual Property Section, Trial Attorney Lauren Archer of the Criminal Division’s Fraud Section, and Assistant U.S. Attorney Kevin Rosenberg for the District of Columbia are prosecuting the case. Substantial assistance was provided by Cyber Fellow Paul M. Zebb III.

For more information on SIM swapping, visit www.ic3.gov/PSA/2024/PSA240411.