FBI arrests man for SEC social media hack over fake Bitcoin ETF approval post


Receive, Manage & Grow Your Crypto Investments With BrightyReceive, Manage & Grow Your Crypto Investments With Brighty

The FBI arrested the man allegedly responsible for hacking the US Securities and Exchange Commission’s (SEC) X account and using it to make a fake post about the approval of spot Bitcoin (BTC) exchange-traded funds (ETFs) in the US in January.

According to a statement by the US Attorney’s Office for the District of Columbia, the man’s identity is Eric Council Jr., a 25-year-old from Athens, Alabama. The fake announcement resulted in BTC’s price spiking $1,000, before crashing by $2,000 after the SEC regained control of the account and issued a correction.

Council is charged with conspiracy to commit aggravated identity theft and access device fraud. The FBI revealed that the attack was executed through a SIM swap, where Council and co-conspirators manipulated a victim’s phone number to access the SEC’s X account.

Attack paid in Bitcoin

According to the indictment, Council used stolen personal information to forge a fake ID document to conduct the SIM swap, which gave him access to the SEC’s social media account.

SIM Swap is a social engineering attack vector consisting of a bad actor who uses the victim’s personal information to trick mobile service providers into porting the phone number to a new SIM chip.

Thus, the hackers gain access to every platform where the victim uses its mobile number as login credentials. Council allegedly presented the fake ID at a cell phone provider store in Alabama.

After posting the fraudulent message, Council received payment in Bitcoin for his role and quickly returned the equipment used in the attack.

U.S. Attorney Matthew M. Graves emphasized the importance of holding those accountable who manipulate markets through cybercrime. The Justice Department, the FBI, and the SEC’s Office of Inspector General led the investigation.

Millionaire crypto losses

SIM swap attacks are also a usual attack vector applied by hackers to steal crypto. In 2017, investor Michael Terpin lost $24 million after a bad actor compromised one of his wallets using this method.

Moreover, a group of three individuals allegedly stole over $400 million in crypto between March 2021 and April 2023 by using SIM swap attacks to gain access to wallets.

As reported by Ars Technica, the group used the same method allegedly applied by Council, printing fake ID cards and using them to pose as victims in cell phone service provider stores.



Source link

Leave a Reply