SEC X Account Hack Results in Prison Sentence

05/16/2025 Cybercrime

A 26-year-old man, Eric Council Jr., has been sentenced to 14 months in prison and three years of supervised release for his involvement in a significant cybercrime. Council was a key participant in the unauthorized takeover of the official X account belonging to the U.S. Securities and Exchange Commission (SEC) in 2024.

The illegal activity involved a coordinated effort to manipulate the cryptocurrency market. By gaining control of the SEC's X account, the group disseminated false information regarding the agency's approval of Bitcoin exchange-traded funds (ETFs). This deceptive announcement caused a sharp and artificial surge in the Bitcoin price, creating significant market instability before the price inevitably corrected.

The Method of Attack

The Department of Justice detailed the SIM swap attack employed by Council and his accomplices. This sophisticated technique involved compromising the cellular account associated with an individual possessing access to the SEC's X account. By gaining control of the phone number, the hackers were able to reset the account password and seize control of the SEC's official presence on the platform.

This case highlights the vulnerability of even high-profile accounts to sophisticated hacking techniques. The severe consequences faced by Council serve as a stark reminder of the legal ramifications associated with such cybercriminal activities.

The sentence imposed underscores the seriousness of the crime and the determination of law enforcement agencies to prosecute those involved in digital fraud and market manipulation.