SEC Blames Social Media Account Hack on ‘SIM Swap’ Attack in Fake Bitcoin ETF Post

Bitcoin ETF SEC
Last updated:
Author
Author
Fredrik Vold
Last updated:
Why Trust Cryptonews
Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews

The US Securities and Exchange Commission (SEC) has revealed that its social media account on X fell victim to a “SIM swapping” attack in relation to the false post about the approval of Bitcoin exchange-traded funds (ETFs) earlier this month.

The incident, which occurred on January 9, led to a temporary surge in the price of Bitcoin, followed by a price crash after SEC Chair Gary Gensler said on his personal X account that the SEC’s X account had been “compromised.”

In a statement published on Monday this week, the SEC said that six months before the attack, an additional layer of protection known as multi-factor authentication (MFA) had been removed by staff and was only reinstated after the January 9 attack.

The fraudulent post was followed by a vote by the commission the next day, which ultimately resulted in the approval of all spot Bitcoin ETF applications.

SIM swapping involves attackers gaining control of a phone number by having it reassigned to a new device.

Once in control of the phone number, the unauthorized party reset the password for the @SECGov account, the statement said.

The new statement from the regulator confirms key details shared by X Safety already the day after the incident.

Ongoing investigation by SEC and law enforcement agencies

According to the new SEC statement, law enforcement agencies are currently investigating how the hackers persuaded the SEC’s mobile carrier to facilitate the phone number switch.

The agency did not disclose the identity of the carrier involved.

Both lawmakers and leaders from the crypto industry have sought explanations for the SEC’s vulnerability to such an attack, especially given the regulator’s stringent cybersecurity requirements for publicly traded companies.

The incident is under investigation by various agencies, including the SEC’s Office of Inspector General and its Division of Enforcement, the Commodity Futures Trading Commission, the Federal Bureau of Investigation, the Department of Justice, and the Cybersecurity and Infrastructure Security Agency.

Multi-factor authentication is now enabled for all SEC social media accounts that offer it, the SEC statement added.

More Articles

Price Analysis
Will This Trigger the Next BTC Rally? Gamestop Just Raised $1.3B to Stack Bitcoin
Arslan Butt
Arslan Butt
2025-03-28 00:09:13
Altcoin News
Top Five Cryptos See $659B Loss Since 2025 Peak: CryptoQuant
Tanzeel Akhtar
Tanzeel Akhtar
2025-03-27 23:34:03
Crypto News in numbers
editors
Authors List + 66 More
2M+
Active Monthly Users Around the World
250+
Guides and Reviews Articles
8
Years on the Market
70
International Team Authors