Eric Council Jr. has pleaded guilty to being involved in a conspiracy that resulted in the unauthorized takeover of the SEC's Twitter account. The hacking incident occurred in January 2024 when a false tweet regarding bitcoin ETFs was published. The SEC later revealed that a SIM swapping attack facilitated this breach. Council impersonated a legitimate user to gain control over the phone number linked to the SEC's Twitter. The agency had left its account vulnerable by disabling multi-factor authentication, leading to this security lapse. Council faces potential imprisonment for his crimes.
Council used an ID card printer to create a fake ID, which he used to execute a SIM swap that compromised the SEC's Twitter account.
The SEC admitted their account was vulnerable as they had disabled multi-factor authentication due to access issues before the breach occurred.
Collection
[
|
...
]