A recent arrest in connection with a hack of the US markets regulator’s X account has shed light on the alleged perpetrator’s suspicious online searches. According to court documents, Eric Council Jr, a 25-year-old man from Athens, Georgia, searched for terms like “how can I know for sure if I am being investigated by the FBI” and “signs that you are under investigation by law enforcement… even if you have not been contacted by them.”

Council Jr is accused of being part of a group that hacked the Securities and Exchange Commission (SEC) social media account in January and posted a fake message about Bitcoin, causing the cryptocurrency’s value to temporarily skyrocket. The hack involved removing a key security step from the SEC’s X account access process, allowing hackers to post the false claim that the regulator had approved Bitcoin for mainstream investment funds.

The price of Bitcoin surged by about $1,000 (£770) in response to the fake post before plummeting by $2,000 once the truth was revealed. Despite the chaos caused by the hack, the SEC later approved Bitcoin for mainstream investment through spot Bitcoin exchange-traded funds.

Court documents reveal that Council Jr, who went by the online aliases Ronin, Easymunny, and AGiantSchnauzer, made additional suspicious searches such as “SECGOV hack” and “Telegram sim swap.” He also looked up information on “federal identity theft statute” and “how long does it take to delete a Telegram account.”

The SEC confirmed that the hack was carried out through a Sim swap attack, where the perpetrator fraudulently obtained an SEC employee’s mobile number and used it to access the X account. The lack of adequate protection on the account, including the suspension of multi-factor authentication (MFA) at the request of SEC staff in July 2023, made it easier for the hackers to gain unauthorized access.

Council Jr faces charges of conspiracy to commit aggravated identity theft and access device fraud, with a potential sentence of up to five years in prison if found guilty.

The case serves as a reminder of the ongoing threat of cybercrime and the importance of robust security measures to protect sensitive financial information. It also highlights the need for continued vigilance and cooperation between law enforcement agencies and regulatory bodies to combat cyber threats effectively.

Lidhja e burimit