SEC Blames Social Media Account Hack on ‘SIM Swap’ Attack in Fake Bitcoin ETF Post

Bitcoin ETF SEC
Last updated:
Author
Author
Fredrik Vold
Last updated:
Why Trust Cryptonews
With over a decade of crypto coverage, Cryptonews delivers authoritative insights you can rely on. Our veteran team of journalists and analysts combines in-depth market knowledge with hands-on testing of blockchain technologies. We maintain strict editorial standards, ensuring factual accuracy and impartial reporting on both established cryptocurrencies and emerging projects. Our longstanding presence in the industry and commitment to quality journalism make Cryptonews a trusted source in the dynamic world of digital assets. Read more about Cryptonews

The US Securities and Exchange Commission (SEC) has revealed that its social media account on X fell victim to a “SIM swapping” attack in relation to the false post about the approval of Bitcoin exchange-traded funds (ETFs) earlier this month.

The incident, which occurred on January 9, led to a temporary surge in the price of Bitcoin, followed by a price crash after SEC Chair Gary Gensler said on his personal X account that the SEC’s X account had been “compromised.”

In a statement published on Monday this week, the SEC said that six months before the attack, an additional layer of protection known as multi-factor authentication (MFA) had been removed by staff and was only reinstated after the January 9 attack.

The fraudulent post was followed by a vote by the commission the next day, which ultimately resulted in the approval of all spot Bitcoin ETF applications.

SIM swapping involves attackers gaining control of a phone number by having it reassigned to a new device.

Once in control of the phone number, the unauthorized party reset the password for the @SECGov account, the statement said.

The new statement from the regulator confirms key details shared by X Safety already the day after the incident.

Ongoing investigation by SEC and law enforcement agencies

According to the new SEC statement, law enforcement agencies are currently investigating how the hackers persuaded the SEC’s mobile carrier to facilitate the phone number switch.

The agency did not disclose the identity of the carrier involved.

Both lawmakers and leaders from the crypto industry have sought explanations for the SEC’s vulnerability to such an attack, especially given the regulator’s stringent cybersecurity requirements for publicly traded companies.

The incident is under investigation by various agencies, including the SEC’s Office of Inspector General and its Division of Enforcement, the Commodity Futures Trading Commission, the Federal Bureau of Investigation, the Department of Justice, and the Cybersecurity and Infrastructure Security Agency.

Multi-factor authentication is now enabled for all SEC social media accounts that offer it, the SEC statement added.

More Articles

Bitcoin News
Trump Vs Harris Doesn’t Matter for Bitcoin: BlackRock CEO
Harvey Hunter
Harvey Hunter
2024-10-15 19:32:43
Industry Talk
$2 Billion Floods Into PEPE – Could a $1 Whale-Driven Pump Be Closer Than You Think?
Sam Cooling
Sam Cooling
2024-10-15 18:42:40