In a twist of irony, Eric Council Jr., the notorious hacker behind the SIM swap attack on the Securities and Exchange Commission’s (SEC) X account, was found to have Googled ‘Am I being investigated by the FBI?’ According to recent court filings, Council Jr. raked in $50,000 from orchestrating similar cyberattacks and had been curious about whether he was a target of an FBI investigation.
The court filings were part of the prosecution’s request for a two-year sentence for Council Jr. for his role in the SEC hack. The hack led to a false announcement about Bitcoin’s exchange-traded fund approval, causing a significant market shakeup. Investigations revealed that Council Jr. had also searched ‘How long does it take to delete a Telegram account’ on his devices, which were seized last June following a search warrant.
Despite setting his Telegram chats to auto-delete after two weeks, the prosecutors were able to retrieve messages where Council Jr. discussed SIM swapping with other individuals, believed to be located overseas. Council Jr. had confessed that he earned around $50,000 from offering SIM swap services between January and June 2024.
He had executed the SEC hack by creating false identity documents to impersonate an individual who had access to the SEC’s X account. These documents were used to deceive a staff member at AT&T into reassigning the victim’s phone number to Council Jr.’s SIM card. He then bought a new iPhone, inserted the new SIM card, and shared the SEC’s X account access codes with his accomplices, who then posted the fraudulent Bitcoin ETF approval news.
The prosecutors stated that Council Jr. was paid in Bitcoin and other cryptocurrencies for the SEC hack. However, his luck ran out in June 2024 when law enforcement agents caught him while attempting another SIM swap. A subsequent search warrant led to the discovery of templates for fake ID cards on his laptop. He pleaded guilty on Feb. 10, following an indictment for Conspiracy to Commit Aggravated Identity Theft and Access Device Fraud in October.
The fake news post on the SEC’s X account garnered over a million views before the SEC confirmed the hack 15 minutes later. The incident led to a $1,000 rise in Bitcoin’s price, followed by a nearly $2,000 drop, wiping out tens of millions of dollars in market positions. The SEC’s X account did not have two-factor authentication installed at the time of the incident, a security oversight that the SEC blamed on erroneous removal by X Support.
