The FBI arrested the person allegedly accountable for hacking the US Securities and Alternate Fee’s (SEC) X account and utilizing it to make a pretend submit concerning the approval of spot Bitcoin (BTC) exchange-traded funds (ETFs) within the US in January.
In keeping with a press release by the US Legal professional’s Workplace for the District of Columbia, the person’s id is Eric Council Jr., a 25-year-old from Athens, Alabama. The pretend announcement resulted in BTC’s value spiking $1,000, earlier than crashing by $2,000 after the SEC regained management of the account and issued a correction.
Council is charged with conspiracy to commit aggravated id theft and entry machine fraud. The FBI revealed that the assault was executed by means of a SIM swap, the place Council and co-conspirators manipulated a sufferer’s cellphone quantity to entry the SEC’s X account.
Assault paid in Bitcoin
In keeping with the indictment, Council used stolen private info to forge a pretend ID doc to conduct the SIM swap, which gave him entry to the SEC’s social media account.
SIM Swap is a social engineering assault vector consisting of a foul actor who makes use of the sufferer’s private info to trick cell service suppliers into porting the cellphone quantity to a brand new SIM chip.
Thus, the hackers acquire entry to each platform the place the sufferer makes use of its cell quantity as login credentials. Council allegedly offered the pretend ID at a cellular phone supplier retailer in Alabama.
After posting the fraudulent message, Council obtained cost in Bitcoin for his position and shortly returned the gear used within the assault.
U.S. Legal professional Matthew M. Graves emphasised the significance of holding these accountable who manipulate markets by means of cybercrime. The Justice Division, the FBI, and the SEC’s Workplace of Inspector Basic led the investigation.
Millionaire crypto losses
SIM swap assaults are additionally a normal assault vector utilized by hackers to steal crypto. In 2017, investor Michael Terpin misplaced $24 million after a foul actor compromised certainly one of his wallets utilizing this methodology.
Furthermore, a bunch of three people allegedly stole over $400 million in crypto between March 2021 and April 2023 through the use of SIM swap assaults to achieve entry to wallets.
As reported by Ars Technica, the group used the identical methodology allegedly utilized by Council, printing pretend ID playing cards and utilizing them to pose as victims in cellular phone service supplier shops.