SEC Blames Social Media Account Hack on ‘SIM Swap’ Attack in Fake Bitcoin ETF Post

Bitcoin ETF SEC

Author

Fredrik Vold

Author

Fredrik Vold

Author Profile

Share

Copied

Last updated:

January 23, 2024 08:18 EST

Why Trust Cryptonews

Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews

The US Securities and Exchange Commission (SEC) has revealed that its social media account on X fell victim to a “SIM swapping” attack in relation to the false post about the approval of Bitcoin exchange-traded funds (ETFs) earlier this month.

The incident, which occurred on January 9, led to a temporary surge in the price of Bitcoin, followed by a price crash after SEC Chair Gary Gensler said on his personal X account that the SEC’s X account had been “compromised.”

The @SECGov twitter account was compromised, and an unauthorized tweet was posted. The SEC has not approved the listing and trading of spot bitcoin exchange-traded products.

— Gary Gensler (@GaryGensler) January 9, 2024

In a statement published on Monday this week, the SEC said that six months before the attack, an additional layer of protection known as multi-factor authentication (MFA) had been removed by staff and was only reinstated after the January 9 attack.

The fraudulent post was followed by a vote by the commission the next day, which ultimately resulted in the approval of all spot Bitcoin ETF applications.

SIM swapping involves attackers gaining control of a phone number by having it reassigned to a new device.

Once in control of the phone number, the unauthorized party reset the password for the @SECGov account, the statement said.

The new statement from the regulator confirms key details shared by X Safety already the day after the incident.

We can confirm that the account @SECGov was compromised and we have completed a preliminary investigation. Based on our investigation, the compromise was not due to any breach of X’s systems, but rather due to an unidentified individual obtaining control over a phone number…

— Safety (@Safety) January 10, 2024

Ongoing investigation by SEC and law enforcement agencies

According to the new SEC statement, law enforcement agencies are currently investigating how the hackers persuaded the SEC’s mobile carrier to facilitate the phone number switch.

The agency did not disclose the identity of the carrier involved.

Both lawmakers and leaders from the crypto industry have sought explanations for the SEC’s vulnerability to such an attack, especially given the regulator’s stringent cybersecurity requirements for publicly traded companies.

The incident is under investigation by various agencies, including the SEC’s Office of Inspector General and its Division of Enforcement, the Commodity Futures Trading Commission, the Federal Bureau of Investigation, the Department of Justice, and the Cybersecurity and Infrastructure Security Agency.

Multi-factor authentication is now enabled for all SEC social media accounts that offer it, the SEC statement added.