• Vulnerable U
  • Posts
  • Alabama Man Pleads Guilty to SEC Twitter Account Hack

Alabama Man Pleads Guilty to SEC Twitter Account Hack

Eric Council Jr., 25, who was arrested in October 2024, pleaded guilty to conspiracy to commit aggravated identity theft and access device fraud

Author

Newsroom
February 10, 2025

On Monday, an Alabama man pleaded guilty in connection with the high-profile takeover of the U.S. Securities and Exchange Commission’s (SEC) Twitter account in January 2024. 

Key Details

  • Eric Council Jr., 25, of Athens, who was arrested in October 2024, pleaded guilty to conspiracy to commit aggravated identity theft and access device fraud

  • Council is scheduled to be sentenced on May 16, and faces a maximum penalty of five years in prison 

  • In last year’s attack, Council worked with unnamed co-conspirators to take over control of the SEC’s Twitter account and post a fake message that the SEC had approved BTC Exchange Traded Funds, causing the value of Bitcoin to spike up to more than $1,000

The Background: Shortly after the SEC account takeover, the SEC took back control of the account and confirmed that the announcement about BTC Exchange Traded Funds was false, leading to the value of BTC decreasing by more than $2,000 per bitcoin. The SEC said the account breach stemmed from a SIM swapping attack where attackers were able to take over the phone number associated with the account, in order to access the Twitter account and send out the fake tweet. 

When Council was arrested in October 2024, further details about the attack came to light. According to court documents, Council traveled to an AT&T store with fake documentation pretending to be an FBI employee with a broken phone and requesting a new SIM card. After obtaining the new SIM card, Council was able to take over the cellphone number, which was linked to the SEC’s social media account, and receive two-factor security reset codes linked to the account. 

“Council used the fraudulent identification card to impersonate the victim and gain access to the victim’s cellular phone number for the purpose of accessing the SEC’s account,” according to the Monday release from the Justice Department. “Council’s co-conspirators then accessed the account and posted in the name of the SEC Chairman. Council received payment in bitcoin from his co-conspirators for his role.”

After the compromise, Council also used his personal device to search for various incriminating terms, including “What are some signs that the FBI is after you” and “what are the signs that you are under investigation by law enforcement or the FBI even if you have not been contacted by them.”