Hacker Arrested For the Fake SEC Tweet That Caused a Bitcoin Price Spike (theverge.com) 11
The FBI has arrested an Alabama man who is accused of hacking the Securities and Exchange Commission's X account in January. From a report: The indictment alleges that 25-year-old Eric Council Jr. worked with co-conspirators to take control of the account and post a fake message from SEC Chair Gary Gensler about Bitcoin ETFs that caused the price of Bitcoin to jump by more than $1,000 momentarily.
To carry out this scheme, Council is accused of creating a fake ID using the information belonging to the person in control of the SEC's X account. He then allegedly tricked AT&T into providing a SIM card with the victim's phone number and install it into a new iPhone he purchased. Finally, Council was able to gain control of the SEC's account using recovery authentication codes sent to the number, and later return the iPhone to the Apple Store where he'd bought it.
To carry out this scheme, Council is accused of creating a fake ID using the information belonging to the person in control of the SEC's X account. He then allegedly tricked AT&T into providing a SIM card with the victim's phone number and install it into a new iPhone he purchased. Finally, Council was able to gain control of the SEC's account using recovery authentication codes sent to the number, and later return the iPhone to the Apple Store where he'd bought it.
And if it doesn't convince you SMS codes are awful (Score:2)
You need to watch this: https://youtu.be/wVyu7NB7W6Y [youtu.be]
Re: (Score:3)
AT&T bears responsibility for allowing a Sim jacking so easily.
Re: (Score:2)
If your data security depends on AT&T not fucking up, you have a problem.
Re: (Score:2)
That may well be true, but SIM jacking is ridiculously easy, and the practice has caused problems for more people than just the SEC. On top of that, numerous commercial entities (including X/Twitter) continue to use SMS for two-factor authentication, which is a problem in-and-of itself.
Just say no to services that use SMS (Score:4, Insightful)
for authentication. As this is a story we have seen so many times before and will see again.
Neat job (Score:2)
"and later return the iPhone to the Apple Store where he'd bought it."
Waste not, want not!
"that caused the price of Bitcoin to jump by more than $1,000 momentarily"
That's fast trading that is. I wonder how many BT were grabbed and flogged at that time to exploit the differential?
Yikes! (Score:2)
Good luck proving that guy was the source of the move. In my world we think of that as normal volativity.
Re: Yikes! (Score:1)
Given the guy was stupid enough to return the iPhone rather than destroy it, imma guess that emails or texts discussing the plan at some point were made.
SEC Chair Gary Gensler should have been fired (Score:3, Insightful)
High risk low reward (Score:4, Interesting)
Man, that swing was quite small percentage wise. He committed a high crime for super low pay. The juice wasn't worth the squeeze.