U.S. Seeks 2-Year Sentence for Hacker Behind SEC X Account Breach
U.S. prosecutors are seeking a two-year sentence and financial penalties for the hacker who compromised the SEC’s X account. The fake post he published briefly sent Bitcoin’s price higher.
U.S. federal prosecutors are seeking a two-year prison sentence for Eric Council Jr., the hacker who compromised the U.S. Securities and Exchange Commission's X account in early 2024.
They described the scheme as technically sophisticated and financially lucrative for Council or his associates.
- Prosecutors argue the case merits sentencing under federal guidelines.
- They are also calling for Council to pay restitution to victims along with additional financial penalties.
The defendant previously accepted a plea deal, admitting to conspiracy to commit identity theft and wire fraud. Under the agreement, he will forfeit $50,000 in criminal proceeds. Nevertheless, he still faces formal sentencing, with his defense team expected to submit a response to the court.
According to court filings, Council and his accomplices used forged documents, including fake driver’s licenses and Social Security numbers, to trick an AT&T employee into transferring the phone number of an SEC staff member to a SIM card under their control.
He then:
- Purchased a new iPhone
- Installed the compromised SIM card
- Passed along access codes to the SEC’s X account to his co-conspirators.
With control of the SEC’s X account, the attackers posted a false announcement claiming that spot Bitcoin ETFs had been approved. Although entirely fabricated, the post triggered a spike of more than $1,000 in Bitcoin’s price within minutes. The tweet was deleted after 15 minutes, but its market impact lingered until the SEC issued an official statement the following day.
According to court filings, two-factor authentication was not enabled on the account at the time of the breach.
Related: How Cryptocurrency and Its Owners Are Tracked
During FBI searches, agents seized electronic devices, flash drives, and templates for fake IDs. Despite the use of auto-delete features, investigators recovered Telegram chats between the suspects.
Prosecutors also noted Council’s incriminating search history, which included:
- “How can I know for sure if I am being investigated by the FBI”
- “How long does it take to delete Telegram account”
Investigators also uncovered manuals on evading surveillance and exploiting vulnerabilities in telecom systems. Council admitted that between January and June 2024, he earned around $50,000 from SIM-swap attacks, operating under the alias “easymunny” and charging $1,200 to $1,500 per job, paid in various cryptocurrencies.
Related: WhiteBIT’s Cybersecurity Tips
In the SEC X account breach, the fake ETF approval post (and the agency’s subsequent denial) triggered liquidations worth tens of millions of dollars, shaking investor confidence in the reliability of official communication channels.
The incident once again exposed the vulnerability of social media to targeted disinformation attacks and underscored the need for stronger account security at financial institutions.
The content on The Coinomist is for informational purposes only and should not be interpreted as financial advice. While we strive to provide accurate and up-to-date information, we do not guarantee the accuracy, completeness, or reliability of any content. Neither we accept liability for any errors or omissions in the information provided or for any financial losses incurred as a result of relying on this information. Actions based on this content are at your own risk. Always do your own research and consult a professional. See our Terms, Privacy Policy, and Disclaimers for more details.
Articles by this author
