Source: Office of United States Attorneys
WASHINGTON – Eric Council Jr., 26 of Athens, Alabama, was sentenced today to 14 months in prison for his role in a conspiracy that hacked into the X account of the U.S. Securities and Exchange Commission (SEC) and published fraudulent posts in the name of the then-SEC Chairman, all to manipulate the value of Bitcoin.
The sentence was announced by U.S. Attorney Jeanine Ferris Pirro, Head of the Justice Department’s Criminal Division Matthew R. Galeotti, SEC Inspector General Deborah Jeffrey, and FBI Special Agent in Charge Sean Ryan of the Washington Field Office Criminal and Cyber Division.
According to court documents, from at least January 2024, Council conspired with others to carry out Subscriber Identity Model (SIM) attacks, commonly referred to as “SIM swaps,” in exchange for money.
On or about Jan. 9, 2024, Council, and others, executed a SIM swap of the mobile phone account associated with the @SECgov X account, the official account of the SEC. The purpose was to gain unauthorized access to this government account in order to make fraudulent posts.
Council used his portable ID card printer to create a physical ID which he used to impersonate the victim at an AT&T store in Huntsville, Alabama. Council provided false information to the AT&T store employee to explain why he needed a replacement SIM card. Council obtained the SIM card linked to the victim’s phone line and walked to a nearby Apple store where he purchased a new iPhone. He inserted the SIM card to activate the phone, received the @SECGov X password reset codes on this new phone linked to the victim’s SIM card and used his personal cell phone to take a photo of the @SECgov X account reset code to share with his co-conspirators. After passing along the password reset codes, Council returned the iPhone for cash.
A member of the conspiracy used the reset code to gain access to the @SECGov X account and issue a fraudulent post in the name of the then-SEC Chairman, falsely announcing SEC approval of Bitcoin (BTC) Exchange Traded Funds (ETFs). The price of BTC increased by more than $1,000 following the post. Shortly after, the SEC regained control over their X account and confirmed that the announcement was unauthorized and the result of a security breach, which caused the value of BTC to decrease by more than $2,000.
“Schemes of this nature threaten the health and integrity of our market system,” said U.S. Attorney Pirro. “SIM swap schemes threaten the financial security of average citizens, financial institutions, and government agencies. Don’t fool yourself into thinking you can’t be caught. You will be caught, prosecuted, and will pay the price for the damage your actions create.”
“Council and his co-conspirators used sophisticated cyber means to compromise the SEC’s X account and posted a false announcement that distorted important financial markets,” said Matthew R. Galeotti, Head of the Justice Department’s Criminal Division. “Prosecuting those who seek to enrich themselves by threatening the integrity of digital assets through fraud is critical to protecting U.S. interests. The Department of Justice is committed to holding accountable individuals who commit cyber fraud and harm investors.”
“The deliberate takeover of a federal agency’s official communications platform was a calculated criminal act meant to deceive the public and manipulate financial markets,” said FBI Criminal Investigative Division Acting Assistant Director Darren Cox. “By spreading false information to influence the markets, Council attempted to erode public trust and exploit the financial system. Today’s sentencing makes clear that anyone who abuses public platforms for criminal gain will be held accountable.”
“Today’s sentencing exemplifies SEC OIG’s commitment to holding bad actors accountable and maintaining the integrity of SEC programs and operations through thorough investigative oversight,” said SEC OIG Special Agent in Charge Amanda James. “We are committed to working with the SEC and other law enforcement partners to help the SEC effectively and efficiently deliver on its critical mission.”
Council admitted to attempting to perform additional SIM swaps in June 2024 in Alabama. In June 2024, the FBI executed a search warrant at an Athens, Alabama, apartment where he resided. Agents recovered a fake identification card and a portable ID card printer. They also recovered a laptop computer.
Pursuant to the search warrant, agents searched the laptop and discovered templates for additional fake IDs along with internet searches for “SECGOV hack,” “telegram sim swap,” “how can I know for sure if I am being investigated by the FBI,” “What are the signs that you are under investigation by law enforcement or the FBI even if you have not been contacted by them,” “what are some signs that the FBI is after you,” “Verizon store list,” “federal identity theft statute,” and “how long does it take to delete telegram account.”
Council, aka “Ronin” and “Agiantschnauzer,” was arrested Oct. 17, 2024, and admitted to receiving about $50,000 to perform SIM swap. He pleaded guilty Feb. 10, 2025, in the District of Columbia to conspiracy to commit aggravated identity theft. In addition to the prison term, U.S. District Court Judge Amy Berman Jackson ordered forfeiture of $50,000 and three years of supervised release with the condition that he not use computers to access the dark web or commit further identity fraud.
A SIM card is a chip that stores information identifying and authenticating a cell phone subscriber and connects a physical cell phone to a mobile carrier’s cellular and data network. A SIM swap attack fraudulently induces a mobile carrier to reassign a mobile phone number from a victim’s SIM card to a SIM card and telephone controlled by a criminal actor attempting to access valuable information associated with the victim’s telephone. SIM swapping groups conduct SIM swaps for the purpose of defeating multifactor authentication and/or two-step verification security features for social media and virtual currency accounts.
After convincing a mobile carrier to reassign a phone number to a new SIM card, members of the conspiracy generated password reset security authentication codes for online accounts and those codes were in turn sent to the telephone in the control of the criminal actor. Members of the SIM swap groups shared the security reset codes with one another to unlawfully access a victim’s internet connected accounts and complete the fraud.
This case was investigated by the FBI Washington Field Office Criminal and Cyber Division, the SEC-Office of Inspector General, the U.S. Attorney’s Office for the District of Columbia, and the Computer Crime and Intellectual Property Section (CCIPS) and Fraud Section’s Market Integrity and Major Frauds Unit of the Justice Department’s Criminal Division. Significant assistance was provided by the FBI’s Birmingham Field Office.
The case was prosecuted by Assistant U.S. Attorney Kevin Rosenberg, CCIPS Trial Attorney Ashley Pungello, and Fraud Section Trial Attorney Lauren Archer. Valuable assistance was provided by Assistant U.S. Attorney John Hundscheid from the Northern District of Alabama. Substantial assistance was provided by Cyber Fellow Paul M. Zebb III.
For more information on SIM swapping, go to: https://www.ic3.gov/PSA/2024/PSA240411
24cr457