Federal prosecutors are preparing to offer a plea deal to Eric Council Jr., a 25-year-old man from Alabama, who is facing charges for his involvement in the Jan.9 hack of the U.S. Securities and Exchange Commission’s (SEC) X account.
This hack made headlines because it included a fake social media post claiming that the SEC had approved the first-ever spot Bitcoin exchange-traded funds (ETFs). This was big, especially since the SEC was expected to announce their decision on Bitcoin ETFs the very next day.
During the hearing in Washington federal court, Assistant U.S. Attorney Kevin Rosenberg announced, “We will extend a plea,” but he also said it’s uncertain whether Council will accept it.
According to Bloomberg report , the Council has pleaded not guilty to charges of conspiring to commit aggravated identity theft and access device fraud. Prosecutors believe that if Council cooperates, he might help them identify others involved in the scheme.
Authorities allege that he created a fake identification and tricked an employee at a local phone store into helping him access the victim’s phone. The co-conspirators reportedly identified the SEC staff member whose personal information was used to gain entry into the agency’s account.
The hacking incident occurred just a day before the SEC was expected to announce its decision on the approval of spot market Bitcoin ETFs. It created a sensational context for the unauthorized post made on Jan 9 , which falsely claimed that the SEC had granted approval to several companies.
In the aftermath, the SEC stated that the breach was due to a SIM swapping attack, which allowed the hacker to gain control over the SEC’s phone number associated with the account.
This unauthorized access led to the resetting of the account’s password. Although multi-factor authentication (MFA) was previously enabled, it had been disabled by X Support due to access issues. MFA has since been re-enabled for all SEC social media accounts. However, investigations are still ongoing.
