PRESS RELEASE
WASHINGTON – Eric Council, 25, of Athens, Alabama, entered a responsible plea right now to at least one depend of conspiracy to commit aggravated identification theft in United States District Courtroom for the District of Columbia. Council was arrested on October 17, 2024, in connection together with his position in a conspiracy to hack into the X account of the U.S. Securities and Trade Fee (SEC) and publish fraudulent posts within the title of the then-SEC Chairman.
The plea was introduced by U.S. Lawyer Edward R. Martin, Jr., Supervisory Official Antoinette T. Bacon of the Justice Division’s Legal Division, SEC Inspector Common Deborah Jeffrey and FBI Particular Agent in Cost Sean Ryan of the Washington Subject Workplace, Legal and Cyber Division.
Council’s plea was entered earlier than U.S. District Courtroom Choose Amy Berman Jackson within the District of Columbia. He faces a most sentence of 5 years in jail, a $250,000 nice, and as much as three years of supervised launch. His sentencing is scheduled for Could 16, 2025.
In line with court docket paperwork, from not less than January 2024, Council conspired with others to hold out Subscriber Identification Mannequin (SIM) assaults, generally known as “SIM swaps,” in trade for cash.
A SIM card is a chip that shops data figuring out and authenticating a cellphone subscriber and connects a bodily cellphone to a cell service’s mobile and information community. A SIM swap assault is a type of subtle fraud the place prison actors fraudulently induce a cell service to reassign a cell phone quantity from a sufferer’s SIM card to a SIM card and phone managed by a prison actor making an attempt to entry useful data related to the sufferer’s phone. Members of SIM swapping teams conduct SIM swaps for the aim of defeating multifactor authentication and/or two-step verification safety features for web related accounts, equivalent to social media and digital forex accounts.
After convincing a cell service to reassign a telephone quantity to a brand new SIM card within the prison actor’s management, members of the conspiracy generate password reset safety authentication codes for on-line accounts and people codes are in flip despatched to the phone within the management of the prison actor. Members of SIM swap teams share the safety reset codes with each other to unlawfully entry a sufferer’s web related accounts and full the fraud.
On or about January 9, 2024, Council, and others, executed a SIM swap of the cell phone account related to the @SECgov X account, the official account of the SEC. The aim of this SIM swap was to achieve unauthorized entry to this authorities account so as to make fraudulent posts.
Earlier than January 9, a member of the conspiracy had recognized the licensed person for the telephone quantity linked to the official @SECgov X account. Council acquired instruction from a co-conspirator to carry out the SIM swap on this telephone line, together with data to make the wanted faux ID, that’s, a picture of an ID card template with the licensed person’s title on it however Council’s face, and data purporting to be the person’s date of beginning and social safety quantity.
Council used his transportable ID card printer to create a bodily ID which he used to impersonate the sufferer at an AT&T retailer in Huntsville, Alabama. Council supplied false data to the AT&T retailer worker to elucidate why he wanted a substitute SIM card. Council obtained the SIM card linked to the sufferer’s telephone line and walked to a close-by Apple retailer the place he bought a brand new iPhone to make use of within the crime. He inserted the SIM card to activate the telephone, acquired the @SECGov X password reset codes on this new telephone linked to the sufferer’s SIM card and used his private cellphone to take a photograph of the @SECgov X account reset code to share together with his co-conspirators. After passing alongside the password reset codes, Council drove to Birmingham, Alabama and instantly returned the iPhone for money.
A member of the conspiracy used the reset code to achieve entry to the @SECGov X account and difficulty a fraudulent publish within the title of the then-SEC Chairman, falsely asserting SEC approval of Bitcoin (BTC) Trade Traded Funds (ETFs). The value of BTC elevated by greater than $1,000 following the publish. Shortly after this unauthorized publish, the SEC regained management over their X account and confirmed that the announcement was unauthorized and the results of a safety breach, which triggered the worth of BTC decreased by greater than $2,000.
Council additionally admitted to making an attempt to carry out extra SIM swaps in June 2024 in Alabama. In June 2024, the FBI executed a search warrant at an Athens, Alabama, condo the place he resided. Brokers recovered a faux identification card and a transportable ID card printer. Additionally they recovered a laptop computer pc.
Pursuant to the search warrant, brokers searched the laptop computer and found templates for added faux identification playing cards saved on the laptop computer together with web searches for
“SECGOV hack,” “telegram sim swap,” “how can I do know for positive if I’m being investigated by the FBI,” “What are the indicators that you’re below investigation by regulation enforcement or the FBI even if in case you have not been contacted by them,” “what are some indicators that the FBI is after you,” “Verizon retailer record,” “federal identification theft statute,” and “how lengthy does it take to delete telegram account.”
Council admitted to receiving roughly $50,000 from members of the conspiracy to carry out SIM swap through the earlier six months.
This case is being investigated by the FBI Washington Subject Workplace Legal and Cyber Division, the SEC-Workplace of Inspector Common, the U.S. Lawyer’s Workplace for the District of Columbia, and the Pc Crime and Mental Property Part (CCIPS) and Fraud Part’s Market Integrity and Main Frauds Unit of the Justice Division’s Legal Division. Important help was supplied by the FBI’s Birmingham Subject Workplace.
The prosecution is being dealt with by Assistant United States Lawyer Kevin Rosenberg, CCIPS Trial Lawyer Ashley Pungello, and Fraud Part Trial Lawyer Lauren Archer. Useful help was supplied by Assistant United States Lawyer John Hundscheid from the Northern District of Alabama.
For extra data on SIM swapping, go to: https://www.ic3.gov/PSA/2024/PSA240411
