The FBI has arrested the person allegedly accountable for hacking into the U.S. Securities and Change Fee's (SEC) X account and utilizing it to put up a false message in regards to the approval of exchange-traded funds (ETFs) in counting Bitcoin (BTC) in america in January.
In line with a launch from the U.S. Legal professional's Workplace for the District of Columbia, the person's identification is Eric Council Jr., a 25-year-old from Athens, Alabama. The faux announcement prompted the worth of BTC to surge by $1,000, earlier than crashing by $2,000 after the SEC regained management of the account and issued a correction.
Council is charged with conspiracy to commit aggravated identification theft and entry machine fraud. The FBI revealed that the assault was executed by way of a SIM swap, the place the Council and co-conspirators manipulated a sufferer's telephone quantity to achieve entry to the SEC's X account.
Assault paid in Bitcoin
In line with the indictment, Council used stolen private data to forge a false identification doc to finish the SIM swap, which gave him entry to the SEC's social media account.
SIM Swap is a social engineering assault vector consisting of a malicious actor utilizing the sufferer's private data to trick cell service suppliers into porting the telephone quantity to a brand new SIM chip.
Thus, hackers have entry to all platforms on which the sufferer makes use of their cell quantity as a connection identifier. Council allegedly introduced the faux ID at a cellphone supplier's retailer in Alabama.
After posting the fraudulent message, Council obtained cost in Bitcoin for its function and shortly returned the gear used within the assault.
U.S. Legal professional Matthew M. Graves emphasised the significance of holding accountable those that manipulate markets by means of cybercrime. The Division of Justice, the FBI and the SEC's Workplace of Inspector Common led the investigation.
Crypto millionaire losses
SIM swap assaults are additionally a typical assault vector utilized by hackers to steal cryptocurrencies. In 2017, investor Michael Terpin misplaced $24 million after a nasty actor compromised certainly one of his portfolios utilizing this methodology.
Moreover, a gaggle of three people allegedly stole over $400 million in crypto between March 2021 and April 2023 utilizing SIM swap assaults to achieve entry to wallets.
As Ars Technica stories, the group used the identical methodology allegedly utilized by the Council, printing faux ID playing cards and utilizing them to pose as victims in cellphone service suppliers' shops. .
