Alabama Man Sentenced to 14 Months in Prison for Role in SEC Bitcoin Announcement Hack
A judge on Friday sentenced an Alabama man to 14 months in prison for his role in the January 2024 hack of the Securities and Exchange Commission's X account, which briefly spiked the price of bitcoin by more than $1,000. Eric Council Jr., a 26-year-old resident of Huntsville, pleaded guilty three months ago to conspiracy to commit aggravated identity theft and access device fraud.
The X account was used to falsely claim that the SEC had officially approved exchange-traded funds for bitcoin. The cryptocurrency's price rose after the tweet, but then fell by more than $2,000 when the SEC regained control of the account and said the tweet was false. Ironically, the SEC announced the next day that it had approved rule changes that allowed the creation of bitcoin ETFs.
Council's role in the hack involved executing a so-called SIM swap attack on a person whose phone number was linked to the SEC's X account. He used a portable ID card printer to print out the victim's driver's license and then used the ID at an AT&T store in Huntsville to reassign the victim's cell phone number to a telephone controlled by Council.
After gaining access to the victim's phone number, Council's co-conspirators accessed the account and posted in the name of the SEC Chairman. At the time of the bogus tweet, the bitcoin market was awaiting news of a decision on bitcoin ETFs. Council was paid approximately $50,000 worth of bitcoin for his role in the hack.
Prosecutors had requested a sentence of 24 months, but the judge imposed a sentence of 14 months. The judge noted that Council's defense lawyer had argued that he had no prior criminal history and had only used marijuana daily to aid with mental health struggles.
The Hack and its Aftermath
The SEC said that the next day, it had approved rule changes that allowed the creation of bitcoin ETFs. The agency stated that the hack was an inside job, citing Council's claim in a video statement that the SEC's cybersecurity practices were to blame.
"Schemes of this nature threaten the health and integrity of our market system," said District of Columbia U.S. Attorney Jeanine Pirro. "SIM swap schemes threaten the financial security of average citizens, financial institutions, and government agencies."
Council's Role in the Hack
Council's defense lawyer, Dwight Crawley, requested a prison term of 12 months and a day for his client. Crawley argued that Council had no prior criminal history and had only used marijuana daily to aid with mental health struggles.
"The defendant admitted to using marijuana daily prior to his arrest, but he has not had any drug or alcohol infractions since his release on pre-trial supervision," Crawley wrote in a sentencing memo. "According to the defendant, his marijuana use aided him with his mental health struggles."
The Video Statement
Council's defense lawyer declined to comment on the video statement cited by prosecutors, which depicted characters dancing and claimed that Council was the only reason the SEC's financial regulatory agency got hacked.
"But at the end of the day, the only reason their financial regulatory agency got hacked was because of a college drop out that majored in Cyber Security and violently smoked a lot of weed," the video statement concluded.