The FBI arrested the person allegedly chargeable for hacking the US Securities and Trade Fee’s (SEC) X account and utilizing it to make a faux put up in regards to the approval of spot Bitcoin (BTC) exchange-traded funds (ETFs) within the US in January.
In response to an announcement by the US Lawyer’s Workplace for the District of Columbia, the person’s identification is Eric Council Jr., a 25-year-old from Athens, Alabama. The faux announcement resulted in BTC’s worth spiking $1,000, earlier than crashing by $2,000 after the SEC regained management of the account and issued a correction.
Council is charged with conspiracy to commit aggravated identification theft and entry system fraud. The FBI revealed that the assault was executed by way of a SIM swap, the place Council and co-conspirators manipulated a sufferer’s telephone quantity to entry the SEC’s X account.
Assault paid in Bitcoin
In response to the indictment, Council used stolen private data to forge a faux ID doc to conduct the SIM swap, which gave him entry to the SEC’s social media account.
SIM Swap is a social engineering assault vector consisting of a nasty actor who makes use of the sufferer’s private data to trick cellular service suppliers into porting the telephone quantity to a brand new SIM chip.
Thus, the hackers acquire entry to each platform the place the sufferer makes use of its cellular quantity as login credentials. Council allegedly offered the faux ID at a cellphone supplier retailer in Alabama.
After posting the fraudulent message, Council obtained cost in Bitcoin for his function and rapidly returned the gear used within the assault.
U.S. Lawyer Matthew M. Graves emphasised the significance of holding these accountable who manipulate markets by way of cybercrime. The Justice Division, the FBI, and the SEC’s Workplace of Inspector Normal led the investigation.
Millionaire crypto losses
SIM swap assaults are additionally a normal assault vector utilized by hackers to steal crypto. In 2017, investor Michael Terpin misplaced $24 million after a nasty actor compromised one in every of his wallets utilizing this technique.
Furthermore, a bunch of three people allegedly stole over $400 million in crypto between March 2021 and April 2023 by utilizing SIM swap assaults to realize entry to wallets.
As reported by Ars Technica, the group used the identical technique allegedly utilized by Council, printing faux ID playing cards and utilizing them to pose as victims in cellphone service supplier shops.