In a bizarre yet telling twist of cybercrime irony, Eric Council Jr., the hacker behind the notorious breach of the U.S. Securities and Exchange Commission’s (SEC) X account, turned to Google in the aftermath of his attack—asking, quite literally, if the FBI was on his trail.
Recent court filings have revealed the series of missteps and paranoia that followed Council’s SIM-swap attack in January 2024, which briefly sent shockwaves through global crypto markets. After hijacking the SEC’s account and posting a fake announcement that a spot Bitcoin ETF had been approved—a statement viewed by over a million people—Council spent the next few weeks scrambling to erase digital breadcrumbs.
But even cybercriminals Google their fears. Among his internet searches, Council asked, “How can I know for sure if I am being investigated by the FBI?” and “How long does it take to delete Telegram account?” These were just a few of the inquiries uncovered when federal authorities executed a search warrant on his home, car, and devices in mid-June 2024, according to a court filing submitted on May 12.
SIM Swapping, Fake IDs, and $50,000 in Crypto
Council, who operated under the Telegram handle “easymunny,” built a small cybercrime career out of SIM-swapping—a form of identity theft that involves tricking mobile carriers into rerouting a victim’s phone number to a new SIM card. Between January and June 2024, he reportedly earned around $50,000 in crypto by offering his SIM-swapping services, charging $1,200 to $1,500 per job.
His involvement in the SEC hack followed a familiar script: using falsified identity documents, including Social Security and driver’s license data, Council impersonated a victim identified by his co-conspirators as having admin access to the SEC’s X account. With this information, he convinced an AT&T employee to reassign the victim’s phone number to a SIM card he controlled.
Then, on January 9, Council walked into an Apple Store in Alabama, bought a new iPhone, inserted the hijacked SIM card, and delivered the necessary credentials to his accomplices. Shortly after, the now-infamous false tweet about Bitcoin ETF approval was published on the SEC’s official X account—causing Bitcoin’s price to briefly surge by $1,000 before tanking $2,000, wiping out tens of millions in leveraged market positions.
A Trail of Mistakes Leads to Arrest
What Council didn’t anticipate was just how quickly federal investigators would connect the dots. By June 12, agents were already tailing him and caught him attempting yet another SIM swap at a local Apple Store—this time impersonating a different target.
Within a week, authorities raided his residence, seizing devices loaded with digital evidence, including templates for fake IDs and saved Telegram messages discussing SIM swaps with individuals believed to be located overseas. Although Council had set his Telegram chats to auto-delete after two weeks, enough remained for prosecutors to build a solid case.
He ultimately pleaded guilty on February 10, 2025, after a grand jury indicted him for conspiracy to commit aggravated identity theft and access device fraud.
SEC’s Own Security Flaws Come Under Scrutiny
While Council’s actions were clearly criminal, the breach also exposed major security lapses at the SEC itself. According to X’s internal security team, the SEC’s account didn’t have two-factor authentication (2FA) enabled at the time of the breach. The agency later clarified that it originally had 2FA enabled, but it was mistakenly removed by X Support following a request from an SEC employee—adding a layer of embarrassment to an already damaging incident.
Final Thoughts
Council’s story serves as both a cautionary tale and a glimpse into the modern intersection of cybercrime, market volatility, and social media. From earning crypto through SIM swaps to frantically Googling his own legal exposure, his journey shows just how fast fortunes—and freedom—can evaporate in the digital age.
As the legal proceedings continue, the case highlights the critical importance of cybersecurity at the highest levels of government—and the very real consequences that can follow even the briefest moments of digital deception.
