Photo credit: www.darkreading.com
WASHINGTON – In a recent development in cybercrime, Eric Council, 25, from Athens, Alabama, pled guilty to conspiracy related to aggravated identity theft in the U.S. District Court for the District of Columbia. His arrest took place on October 17, 2024, following accusations that he was involved in a scheme to hack into the X account belonging to the U.S. Securities and Exchange Commission (SEC), where he and his co-conspirators intended to publish fraudulent announcements under the guise of the then-SEC Chairman.
The announcement of the plea was made by U.S. Attorney Edward R. Martin, Jr., along with several officials from the Justice Department, SEC, and the FBI. The court process was overseen by U.S. District Court Judge Amy Berman Jackson, who indicated that Council could face up to five years of imprisonment, a fine potentially reaching $250,000, and a term of supervised release lasting up to three years. His sentencing is set for May 16, 2025.
Court documents reveal that since at least January 2024, Council conspired to carry out Subscriber Identity Model (SIM) attacks, known as “SIM swaps,” for financial compensation. A SIM card is essential for linking a mobile device to a cellular network, while a SIM swap attack constitutes a deceitful method by which criminals obtain control of a victim’s phone number, allowing them access to sensitive accounts.
In a SIM swap, perpetrators deceive mobile service providers into transferring a phone number from its legitimate SIM card to one controlled by the fraudster. This can permit attackers to bypass important security measures such as multifactor authentication that protect online accounts, including social media and cryptocurrency platforms.
On or around January 9, 2024, members of Council’s group successfully executed a SIM swap on the phone associated with the @SECgov account, aiming to gain unauthorized access for the purpose of posting false information. Prior to this incident, an accomplice had identified the legitimate user linked to the SEC’s official account. Following instructions from a co-conspirator, Council crafted a fake ID representing the authorized user to facilitate the SIM swap.
Using a portable ID printer, Council created an imitation identification document, which he employed to impersonate the victim at an AT&T store in Huntsville, Alabama. Misleading the store employee, he successfully acquired a new SIM card and subsequently activated a new iPhone with it. The password reset codes for the @SECgov account were then directed to this new device, allowing Council to share these codes with his associates. Afterward, he returned the iPhone for cash in Birmingham, Alabama.
One of Council’s co-conspirators utilized the reset code to access the @SECgov account and post fraudulent information claiming that the SEC had approved Bitcoin (BTC) Exchange Traded Funds (ETFs). This false announcement led to an immediate spike in Bitcoin’s value by over $1,000. However, the SEC quickly regained control of the account and confirmed the breach, which caused Bitcoin’s value to plummet by more than $2,000.
In addition, Council acknowledged attempting further SIM swaps in June 2024. During an FBI raid on his residence in Athens, agents confiscated a counterfeit ID and a portable ID printer, along with a laptop. Investigators discovered templates for additional fake IDs on the laptop, as well as various internet search queries related to the hacking incident.
Council’s criminal activities reportedly netted him approximately $50,000 from fellow conspirators for his SIM swapping efforts over the preceding six months.
The investigation into this case was conducted by multiple agencies, including the FBI’s Criminal and Cyber Division and the SEC Office of Inspector General. The case’s prosecution is being led by Assistant U.S. Attorney Kevin Rosenberg, alongside other attorneys from the Justice Department’s Criminal Division.
For further insights on SIM swapping and preventative measures, additional information is available at: https://www.ic3.gov/PSA/2024/PSA240411
Source
www.darkreading.com