In a significant case involving market manipulation, the FBI arrested Eric Council Jr., a 25-year-old Alabama resident, for allegedly hacking the SEC’s X (formerly Twitter) account. This incident took place in January 2024, just before the SEC’s anticipated approval of Bitcoin spot exchange-traded funds (ETFs). Council was charged with conspiracy to commit aggravated identity theft and access device fraud. Authorities stated that he used stolen personal information and employed a SIM-swapping technique to take over the SEC’s account, issuing a fraudulent post announcing the premature approval of Bitcoin ETFs.
The fake tweet had an immediate and significant impact on Bitcoin’s market. The post caused Bitcoin’s price to spike by $1,000 in a matter of minutes, fueling a short-lived market frenzy. However, once the SEC regained control of its account and confirmed that the post was false, Bitcoin’s price plummeted by $2,000. This sudden volatility disrupted the crypto markets, highlighting the sensitivity of digital assets to regulatory developments and misinformation.
The hack involved Council collaborating with others to take control of the SEC’s official account. Council used a SIM-swapping attack—diverting a victim’s phone number to his device—to gain access to the social media account. After acquiring the necessary multi-factor authentication codes, he allowed co-conspirators to issue the fraudulent tweet. The indictment also revealed that Council later returned the phone he used to execute the swap for cash.
This case underscores the vulnerabilities in social media accounts tied to financial regulators and the potential impact of cyberattacks on global markets. Following the incident, both the SEC and law enforcement stressed the importance of enhanced security measures to prevent such breaches. Although the ETFs in question were eventually approved the next day, the episode served as a reminder of the critical need for vigilance in both cybersecurity and financial market regulation.