Hacker accused of manipulating Bitcoin prices with a fake SEC tweet was arrested after allegedly searching 'what are some signs the FBI is after you'

On January 9, 2024, a now-deleted tweet from @SECGov, the X account of the U.S. Securities and Exchange Commission, declared that the SEC had granted "approval for Bitcoin ETFs for listing on all registered national securities exchanges," causing the price of Bitcoin to jump by more than $1,000. The SEC, however, had done no such thing. As SEC Chair Gary Gensler tweeted minutes later, the SEC's X account had been hacked; the fraudulent tweet was posted as part of a scheme to manipulate Bitcoin prices.

The hacker responsible for that scheme, according to the FBI, is Eric Council Jr., a 25-year-old Alabama man who was arrested earlier today under allegations of working with co-conspirators to take unauthorized control of the SEC X account with a SIM swap (via The Verge).

According to the indictment filings, Council—aka "Ronin," aka "AGiantSchnauzer," aka "@Easymunny"—allegedly worked alongside other hackers to gain access to the personal information of a federal employee with access to the @SECGov account. Council then used his convenient ID card printer—something only upstanding citizens have in their homes—to print an ID card pairing his face with the federal employee's personal info.

The indictment says that, fraudulent ID in hand, Council went to an AT&T branch where he managed to obtain a SIM card linked to the victim's phone number, allowing him to initiate the account recovery procedures for the victim's social media accounts. With those 2FA recovery codes now being sent to Council's SIM-swapped phone, he was able to access the @SECGov account and tweet a false announcement to juice Bitcoin prices.

In other words, Council allegedly committed like, four other crimes before things had even reached the "tweeting to manipulate markets under the guise of the federal agency meant to prevent market manipulation" stage. If I was running Bitcoin scams at 25 years old, I would maybe have set my sights a little lower than the US federal government, but I guess I don't have @Easymunny's edge.

What's particularly delightful about Council's accused misdeeds is what he got up to after the SEC hack went down. After returning the iPhone he'd allegedly bought for the sole purpose of SIM-swapping (instead of throwing it into a lake like any sensible person would), the indictment says Council started searching terms related to the hack, including:

• "SECGOV hack"
• "telegram sim swap"
• "how can I know for sure if I am being investigated by the FBI"
• "What are the signs that you are under investigation by law enforcement or the FBI even if you have not been contacted by them"
• "what are some signs that the FBI is after you"
• "Verizon store list"
• "federal identity theft statute"
• "how long does it take to delete telegram account"

It's unclear whether these alleged searches contributed directly to Council's eventual arrest, but if you're considering searching "am I about to be entirely hoisted by the crime I may or may not have committed," I would advise against it. If you have to ask, you probably won't like the answer.

Also, you don't need to phrase your Google searches like questions. It's fine.