I'm more concerned about how he could successfully trick X into sending a recovery authentication code to a new number.
I mean, why would they send a recovery code to a number that was not used to register on the site? Or are the regulations different in different regions?
If you get logged out of your account and you don't know the password, the recovery authentication gets sent to the email or phone number used in registering the account, so wy was it sent to a different number? And no, they don't send to another number even if the number is the number of the owner of the account.
I do not know the full details but X have some questions to answer and they can also be sued for negligence or whatever if its what I think.

Ignorance does not mean innocence, simply put.

LMAO bro did what?


So only the perp who did the sim swap was arrested and he's pretty amateur judging from the search history lol. It's been revealed that he had co-conspirators whom he sent the OTP to, as well and they seem to be the folks who accessed the X account.


So it seems like Council is just an errand guy or something. I wouldn't be surprised if he just received instructions how to sim swap too. His co-conspirators most likely have been paid and/or profited a much bigger amount.

But did he really gain much from that hack? It seems like he wasn’t an expert, probably just experimenting and testing his skills without realizing how serious the consequences would be if he got caught. Even if Bitcoin went up $1k at that time, it would take a ton of Bitcoin to make a real profit, which I doubt he had.

Those deepfake scams are actually more effective, where they convince investors to send money directly to a wallet or even control their computer to transfer funds to an exchange. But in this case, I don’t see how he’d benefit that much. Now, if Bitcoin had pumped by 100% back then, maybe his SEC X hack would’ve been worth it.

An important account of government with big impacts on money of many people in financial and cryptocurrency market, must be secured better.

This SIM swap attack, can be considered as an accident, but SEC can not secure their account too carelessly like this. It's unprofessional and unacceptable too.

[BEWARE] Sim Port Attack. It's not a new scam attack type so it's ridiculous that an agency like SEC let it happened with their X account.

So, if I'm getting this correctly, you're saying in America I can call the SIM company (AT&T) and tell them I need a new SIM for a particular number. As long as I can provide some identification, they'll give me the new SIM with the same number.
Where I'm from, if you need a new SIM for an old number, you must provide an ID to ensure you registered the old SIM. Your ID would be verified before they give you a different SIM with that same number. If after Verification, the ID doesn't check out, they can't retrieve that SIM for you or if they check and see that the old number was registered by someone else they won't give you a new SIM for that number.

So just out of curiosity, I would like to know how a person can forge an ID to claim the identity of another person and get a new SIM for an already existing number. Also, will the 2 SIMs be active at the same time? Because over here, the old one will be block by the network providers before issuing another one.

Even then, those who ordered the guy, presumably, did get what they wanted from situation.
And probably would go unscratched from here. Only time will tell.
I hope some action will be taken to make such situations not to take place.

Therefore even if X has to request for certain verification codes before he can access the account, on request he's still gonna be the one receiving those codes.

I think the people that has much questions to answer as the AT&T. They would have done some checks if the  first line is active before issuing it to a new sim card.

Council seems to be a smart man, although I am confused how one can someone fake identity to get a sim of someone else. Is the verification system of AT&T that useless or the scammer was so smart! He just trying to create a hype in the market I remember when this happened and how it created a great hype among the crypto community.

Sadly this was really unnecessary for him to do. 5 years is a huge sentence for such a crime. Although it's a good progress for the authorities by capturing him as this set's an example for other scammers that they could know they should not play out of their league haha I mean directly hacing Gary's phones.

If you had carefully digested the op you'll have noticed what it said about how the accused was able to create a fake sim (probably cloning the SIM) by using the exact informations as those of the SEC's custodian of their X account. See the quote again
Am not into such illegal activities so how do you expect I know that?  Secondly, if the hacker or whatever he's called was able to have access to the SIM number through the impersonated informations then for sure he would have also deactivated the real owners SIM on the other end not to receive any information except for his