It could have been an ill-advised prank or an attempt to manipulate crypto markets.
But last year’s hack of the X account belonging to the US Securities and Exchange Commission was something simpler: a minor move in a larger identity theft operation run out of a home in the Alabama town of Athens, population 25,000.
Eric Council, 25, pleaded guilty on Monday to conspiracy to commit identity theft. The identity in question belonged to an SEC employee called “C.L.” in court documents, who had access to the agency’s X account.
Council admitted to posing as CL ($0.00) in order to take control of their phone number and, in turn, the SEC’s X account.
Using the account, Council’s unnamed partners announced the SEC had finally confirmed spot Bitcoin ETFs. Investors had long anticipated this moment. The price of Bitcoin jumped about 2%.
And then it crashed by about 6%.
“The SEC’s @SECGov X/Twitter account has been compromised,” a spokesperson told DL News at the time. “The unauthorised tweet regarding bitcoin ETFs was not made by the SEC or its staff.”
Although the SEC would approve 11 spot Bitcoin ETFs less than 24 hours later, the hack was considered a shocking breach of the US’ top financial regulator.
Here’s how Council did it, according to court records.
On January 9, 2024, one of Council’s partners sent him a template for a fake identification card featuring Council’s face and CL’s name.
Using his own card printer, Council made a fake driver’s license and went to an AT ($0.81)&T store in Huntsville, Alabama, where he convinced a store employee to transfer CL’s phone number to a new SIM card.
Council walked across the street to an Apple Store, bought an iPhone in cash, and plugged in the new SIM card.
Council’s partners tried to log into the SEC‘s X account and requested a password reset — a request that went to Council, whose new iPhone was now receiving messages meant for CL.
Using his personal phone, Council took a picture of the password reset code and sent it to his partners. He drove to Birmingham, Alabama, to return the phone for cash a few hours later, and was paid $50,000 in Bitcoin “and other virtual currencies.”
In the meantime, Council’s partners, now in control of the SEC’s X account, published a post that would whipsaw crypto markets.
“Today the SEC grants approval for #Bitcoin ETFs for listing on all registered national securities exchanges,” the SEC said on X.
In October, federal agents arrested Council at his home in Athens, Alabama.
Council used multiple pseudonyms online, including “Ronin,” “Easymunny,” and “AGiantSchnauzer.”
He also left an incriminating digital trail on his laptop that included templates for other fake IDs and web searches for “federal identity theft statute,” “how can I know for sure if I am being investigated by the FBI,” and “What are the signs that you are under investigation by law enforcement or the FBI even if you have not been contacted by them.”
He has agreed to return the $50,000 he was paid to help execute the hack, and under federal sentencing guidelines he could receive a two-year prison term when he goes before a judge on May 16.
Aleks Gilbert is DL News’ New York-based DeFi correspondent. You can contact him at [email protected].
