The Securities and Exchange Commission (SEC) has revealed that the unauthorized post about approving spot Bitcoin exchange-traded funds (ETFs) on January 9 is related to a “SIM swap” attack. In this tactic, a mobile phone number is transferred to a different device without the owner’s consent, so that calls and text messages for that number (including account-recovery codes) reach the attacker instead of the owner. The US securities watchdog clarified that the attack occurred via a telecommunication network rather than through its internal systems, and emphasized that its core systems were never compromised.
The misleading post, which declared the green light for the first spot Bitcoin ETF in the US, caused a frenzy in the cryptocurrency sector. However, the SEC was quick to dismiss the post, attributing it to a hacker who had gained control of the mobile phone number linked to the account.
After the intruder had gained control of the regulator’s account, the account password was reset and a false announcement about the approval of spot Bitcoin ETFs was made. Notably, multi-factor authentication, which had previously been enabled on the account, had been disabled in July 2023. This raises questions about how exposed the account was in the months leading up to the incident.
The SEC mentioned: “While multi-factor authentication (MFA) had previously been enabled on the @SECGov X account, it was disabled by X Support, at the staff’s request, in July 2023 due to issues accessing the account.”
“Once access was reestablished, MFA remained disabled until staff reenabled it after the account was compromised on January 9. MFA currently is enabled for all SEC social media accounts that offer it.”
The @SECGov X account was compromised, and an unauthorized post was posted. The SEC has not approved the listing and trading of spot bitcoin exchange-traded products.
— U.S. Securities and Exchange Commission (@SECGov) January 9, 2024
SEC’s Social Media Safety Concerns
The timing of the incident was particularly significant, as Wall Street was eagerly awaiting the SEC’s authorization of the first-ever spot Bitcoin ETF. The breach raised concerns about the security of the SEC’s social media accounts.
Upon discovery, the SEC’s staff swiftly responded by deleting the unauthorized post, unlinking external posts, and alerting the public through the official @garygensler X.com account. The SEC engaged with X.com to terminate the unauthorized access, which was done between 4:40 pm ET and 5:30 pm ET on the same day.
Currently, the SEC is collaborating with various law enforcement and federal oversight entities, including the SEC’s Office of Inspector General, the Federal Bureau of Investigation, and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, to conclude the investigations.