How a SIM Swap Facilitated a Bitcoin Pump-and-Dump Operation: An In-Depth Analysis


# Misinformation on SEC’s Twitter/X Account Triggers Bitcoin Price Surge: An Instance of SIM Swap Fraud

In an alarming incident earlier this year, a man faced charges for hijacking the official Twitter/X account of the U.S. Securities and Exchange Commission (SEC) to spread false information that caused a considerable increase in Bitcoin’s price. The case, which involved an advanced SIM swap attack, underscores the growing threat of cybercrime and its ability to disrupt financial systems.

## The Event: A Deceptive Tweet Incites Market Turmoil

In January 2024, federal prosecutors disclosed that a group of cybercriminals successfully breached the SEC’s official X (formerly Twitter) account. The perpetrators posted a false tweet asserting that the SEC had approved Bitcoin exchange-traded funds (ETFs) for listing on all accredited national securities exchanges. This false announcement sent Bitcoin’s price up by $1,000 within minutes, as investors hurried to act on what they perceived as a significant regulatory development.

The surge was short-lived, however. Once it became clear that the SEC account had been compromised and no such approval existed, Bitcoin’s price fell by $2,000. The event exposed how susceptible financial markets are to misinformation, especially when it comes from seemingly reliable sources such as official government accounts.

## The Mechanics of the Attack: SIM Swap Fraud

The scheme relied on a method known as **SIM swapping**, a type of identity theft that allows hackers to gain control of a victim’s phone number. The attackers used this technique to circumvent the two-factor authentication (2FA) safeguards on the SEC’s X account.

### How SIM Swapping Operates

1. **Identity Theft**: The attackers first impersonated an SEC employee who had access to the X account. They gathered personal data, including the employee’s name and phone number.

2. **Carrier Manipulation**: With the stolen identity, the attackers contacted the employee’s cellular carrier (in this instance, AT&T) and persuaded it to transfer the phone number to a new SIM card. Such a request is usually presented as coming from the legitimate account holder, who has supposedly acquired a new device or misplaced the old one.

3. **New SIM Activation**: After the phone number was moved to the new SIM, the attackers placed it into a device they controlled. This enabled them to receive any texts or calls meant for the original number, including 2FA codes.

4. **Account Compromise**: Armed with the 2FA code, the attackers could reset the password for the SEC’s X account and gain complete access. They then used this access to tweet the false message regarding Bitcoin ETFs.

### The Significance of Two-Factor Authentication

Two-factor authentication (2FA) is a widely used security measure that requires users to provide a second form of verification, commonly a code delivered via text message, when accessing an account. Although 2FA adds a layer of security, it can be susceptible to SIM swap fraud, as this case shows. Once the attackers had taken over the phone number, they were able to intercept the 2FA code and breach the SEC’s X account.
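The takeover described above leaves a recognizable sequence in account telemetry: a SIM change on the recovery number, then a password reset by SMS code, then a login from a new device and a post. The following Python correlation rule is an added example, not part of the original article or any platform's code; the event names and fields, the 24-hour window, and the availability of a carrier SIM-change signal are assumptions, and the sample events are constructed.

```python
from datetime import datetime, timedelta

# Constructed sample events, not real logs. "sim_change" stands for a
# carrier-side signal that a number moved to a new SIM (an assumption).
EVENTS = [
    {"ts": "2024-01-12T09:00:00", "type": "sim_change", "phone": "+12025550111"},
    {"ts": "2024-01-15T14:05:00", "type": "sim_change", "phone": "+12025550100"},
    {"ts": "2024-01-15T15:40:00", "type": "sms_otp_reset",
     "account": "agency_main", "phone": "+12025550100"},
    {"ts": "2024-01-15T15:42:00", "type": "login",
     "account": "agency_main", "new_device": True},
    {"ts": "2024-01-15T15:50:00", "type": "post", "account": "agency_main"},
    {"ts": "2024-01-15T16:00:00", "type": "sms_otp_reset",
     "account": "press_team", "phone": "+12025550111"},
    {"ts": "2024-01-15T16:02:00", "type": "login",
     "account": "press_team", "new_device": False},
]


def find_sim_swap_takeovers(events, window=timedelta(hours=24)):
    """Flag SMS-code password resets made within `window` of a SIM change
    on the same number, and record the account activity that follows."""
    last_sim_change = {}  # phone -> time of most recent SIM change
    flagged = {}          # account -> its open alert
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        ts = datetime.fromisoformat(ev["ts"])
        kind = ev["type"]
        if kind == "sim_change":
            last_sim_change[ev["phone"]] = ts
        elif kind == "sms_otp_reset":
            changed = last_sim_change.get(ev["phone"])
            if changed is not None and ts - changed <= window:
                alert = {"account": ev["account"], "phone": ev["phone"],
                         "sim_age": ts - changed, "followed_by": []}
                flagged[ev["account"]] = alert
                alerts.append(alert)
        elif ev.get("account") in flagged:
            # Activity after a flagged reset raises the alert's priority.
            if kind == "login" and ev.get("new_device"):
                flagged[ev["account"]]["followed_by"].append("new_device_login")
            elif kind == "post":
                flagged[ev["account"]]["followed_by"].append("post")
    return alerts


if __name__ == "__main__":
    for a in find_sim_swap_takeovers(EVENTS):
        print(a["account"], a["sim_age"], a["followed_by"])
```

A reset on `press_team` is not flagged because its number's SIM change is three days old, outside the assumed window; in practice the window trades missed detections against alerts on legitimate phone upgrades.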

## The Aftermath: Legal Proceedings and Market Implications

The individual implicated in the attack was identified as **Eric Council Jr.**, a 25-year-old from Athens, Alabama. According to the indictment, Council was part of a broader criminal conspiracy to manipulate Bitcoin’s price for financial gain. The group had accumulated substantial amounts of Bitcoin at lower prices and aimed to profit by artificially inflating its value through the false SEC statement.

### The Indictment

The indictment, unveiled in U.S. District Court for the District of Columbia, outlines the actions Council reportedly took to execute the SIM swap:

- Council visited an AT&T store in Huntsville, Alabama, where he presented a counterfeit identification card in the name of the SEC employee whose number he was targeting.
- He posed as an FBI employee claiming his phone was damaged and needed a new SIM card.
- After acquiring the new SIM, Council bought a new iPhone and inserted the SIM card to collect the 2FA codes for the SEC’s X account.
- Once the account was breached, a co-conspirator tweeted the fraudulent message.

Council was charged with conspiracy to commit aggravated identity theft and access device fraud. It is currently unclear when he will appear in court.

## The Broader Implications: Cybersecurity and Financial Systems

This incident is a stark warning about the weaknesses present in both digital and financial systems. The ability of cybercriminals to distort markets through misinformation is a growing threat, particularly as more financial institutions and regulators rely on social media to communicate with the public.

### The Role of Bitcoin ETFs

The false tweet asserted that the SEC had greenlit Bitcoin ETFs, a highly