A cybercriminal in Alabama, suspected of hacking into the US Securities and Exchange Commission’s (SEC’s) X account, has been arrested. He is accused of using the compromised account to post fake messages, causing the value of Bitcoin to boost by $1,000.
Hacker Eric Council Jr, also known as “EasyMunny” and “AGiantSchnauzer,” was allegedly able to secure the credentials for the SEC’s X account through a method called “Sim Swapping.” The council created a fake ID using the stolen personal information of someone who had access to the X account. With the fake ID, he was able to purchase a SIM card linked to the victim’s phone in a cellphone provider store in Alabama, giving Council access to the victim’s personal information and log-in credentials.
Council, along with co-conspirators, then allegedly posted false messages in the name of the SEC Chair announcing the “approval for #Bitcoin ETFs for listing on all registered national securities exchanges.” The value of Bitcoin then inflated by $1,000 but immediately crashed by more than $2,000 per Bitcoin after the SEC regained control of the X account and disclosed the security breach.
Businesses and private individuals are vulnerable
The FBI previously warned the public about SIM Swapping. They caution both individuals and businesses that a SIM Swap scheme enables threat actors to bypass Multi-Factor Authentication, allowing them access to the victim’s accounts and potentially stealing funds or personal information.
Similarly, the staking protocol of EigenLayer’s X account was recently hacked, posting fake airdrop campaigns for their Eigen crypto token and targeting those eligible for a previous token distribution. The posts included malicious links, urging the users to click the links to set reminds for the false airdrop, and leaving one unsuspecting victim drained of $800,000 worth in cryptocurrency after signing a phishing signature scam, allowing the threat actors to steal the victims’ assets.
According to US Attorney Matthew Graves, Council and co-conspirators were allegedly able to utilize the SEC’s compromised X account to “manipulate the global financial market, putting into perspective how much damage a compromised X account can really incur.”
