Listen to this Post
In a stunning intersection of cybercrime and cryptocurrency, an Alabama man has been sentenced to 14 months in prison after orchestrating a scheme that briefly sent Bitcoin prices soaring. Eric Council Jr., a 26-year-old from Huntsville, pleaded guilty to hacking a social media account belonging to the U.S. Securities and Exchange Commission (SEC) and using it to spread false information about Bitcoin ETF approvals. The incident, which occurred in January 2024, not only rattled the financial world but also exposed critical security lapses within government systems and social platforms.
Bitcoin Surge Triggered by Fake SEC Tweet
Eric Council Jr. admitted to using stolen personal information to create a fraudulent ID, which he then used to carry out a SIM swap attack. This method involves tricking mobile carriers into transferring a target’s phone number to a SIM card controlled by the hacker. With control over the victim’s phone number, Council was able to intercept two-factor authentication codes, giving him access to high-level accounts.
Once inside the SEC’s official X (formerly Twitter) account, Council’s co-conspirators posted a fake message under the name of SEC Chairman Gary Gensler. The post falsely announced the regulatory approval of Bitcoin Exchange Traded Funds (ETFs), sparking a brief but dramatic market reaction. Bitcoin’s price shot up by over \$1,000 before crashing more than \$2,000 when the SEC clarified that no such approval had been granted.
Council was compensated in Bitcoin for his part in the scheme. The broader conspiracy may have aimed to capitalize on the market chaos that followed, possibly through strategic trading positions. The U.S. Department of Justice (DoJ) called the attack a serious threat to market integrity and investor trust.
The breach also revealed a glaring oversight: the SEC’s X account did not have two-factor authentication enabled at the time. This lapse was particularly embarrassing for an agency tasked with enforcing cybersecurity standards across publicly listed companies. The hack came during a broader wave of account takeovers, including attacks on Mandiant, Hyundai, and blockchain security firm Certik.
U.S. Attorney Jeanine Pirro emphasized the severity of SIM swap attacks, warning that no one is beyond the reach of the law. “You will be caught, prosecuted, and will pay the price,” she stated bluntly.
What Undercode Say:
This incident underscores multiple layers of concern — not just about cybercrime, but also about the fragility of the systems we depend on to maintain financial order.
First, the method used — SIM swapping — is a well-documented and frequently exploited vulnerability. Yet, it’s shocking how often high-level accounts, even those belonging to government institutions, remain unprotected by basic cybersecurity measures like two-factor authentication. The SEC’s failure to enable 2FA was not just negligent; it was an open invitation for exploitation.
Second, the manipulation of financial markets through disinformation is becoming more common, particularly as cryptocurrency continues to grow in influence. A single tweet, when believed to be from a regulatory authority, caused a market reaction worth billions. This is not merely a prank or a financial crime — it’s a form of psychological warfare targeting market confidence.
Eric Council
There’s also a growing ethical and legal debate about the responsibilities of tech platforms. Elon Musk’s X has been plagued with high-profile breaches, yet basic safeguards like enforced 2FA are still not universal. Should platform providers be held legally accountable when negligence allows these kinds of exploits?
The event should also raise questions about cryptocurrency itself. While decentralization is a core feature of crypto, its susceptibility to rapid swings based on misinformation reveals an instability that mainstream finance can’t ignore. If a single tweet can move prices thousands of dollars, regulators and investors alike must grapple with how truly “safe” these markets are.
Lastly, this breach may lead to stronger calls for identity verification and KYC (Know Your Customer) enforcement even on social platforms. Privacy advocates may resist, but this event proves that anonymous, unchecked access can have massive real-world consequences.
Fact Checker Results: ✅🔍
The SEC account did not have two-factor authentication at the time of the hack.
Bitcoin’s price briefly surged by over \$1,000 before dropping \$2,000 after the fake tweet.
The hacker received BTC as payment for his role in the breach.
Prediction 📈
The fallout from this incident is likely to accelerate regulatory reforms in both the cryptocurrency and cybersecurity sectors. We can expect mandatory 2FA enforcement across all government and financial institutions’ social media platforms. The SEC, already under fire, will likely double down on its cybersecurity mandates for public firms. On the tech front, platforms like X may face increasing pressure to implement stronger security protocols and could even be subjected to regulation similar to financial institutions.
References:
Reported By: www.infosecurity-magazine.com
Extra Source Hub:
https://www.facebook.com
Wikipedia
Undercode AI
Image Source:
Unsplash
Undercode AI DI v2
