Here’s How SIM Swapping Functioned in the Alleged Bitcoin Pump-and-Dump Scheme

A 25-year-old man from Athens, Alabama, identified as Eric Council Jr., is facing serious legal repercussions after being implicated in a sophisticated cybercrime scheme aimed at manipulating the value of Bitcoin through a series of fraudulent actions. According to prosecutors, Council was part of a criminal enterprise that sought to generate profit by disseminating false information, which purported to stem from the U.S. Securities and Exchange Commission (SEC). This deception aimed to inflate Bitcoin’s market value, allowing the group to subsequently offload their holdings at a profit.

The details of the case indicate a calculated approach to a SIM swapping attack, a method that has become a popular tactic among cybercriminals for gaining unauthorized access to sensitive accounts. The indictment, filed in the U.S. District Court for the District of Columbia, outlines the stepwise execution of the SIM swap targeted at a victim identified only as C.L. The attack occurred on January 9, 2024, when a co-conspirator identified C.L. as a potential target due to their link to an SEC account.

Following the identification of the target, Council allegedly gained access to C.L.’s mobile account through a SIM swap. He purportedly visited an AT&T store in Huntsville, Alabama, and presented identification in C.L.’s name, falsely claiming to be an FBI employee needing a replacement SIM card. Through this deception, Council ordered a new SIM card connected to C.L.’s account.

After securing the new SIM card, Council proceeded to an Apple store where he purchased a new iPhone, enabling him to receive two-factor authentication codes linked to the compromised SEC account. The indictment alleges that Council then received a reset code for the account and promptly forwarded this code to a co-conspirator, who used it to gain unauthorized access. This breach allowed the group to issue a fraudulent announcement via the SEC’s social media account, falsely stating regulatory approval for a specific cryptocurrency.

Once the SIM swap was completed, Council conducted online searches that pointed to his involvement in the conspiracy, including inquiries related to hacks and how to ascertain if one is under FBI investigation. Such searches underscore the calculated nature of the crime, revealing a keen awareness of the risks involved in these types of cyber activities.

The attack likely involved several tactics from the MITRE ATT&CK framework, including initial access through social engineering techniques, persistence via compromised accounts, and privilege escalation by exploiting the victim’s credentials. The implications of such cybercrimes highlight the increasing sophistication of attacks aimed at financial gain and the importance of robust cybersecurity measures for individuals and organizations alike. As businesses navigate the evolving landscape of cyber threats, the need for heightened awareness and proactive defenses against tactics like SIM swapping remains critical.
