20.5k unique visitors in the last 3 days

Big Bitcoin Spike after Phone Hackers Hijack SEC Social Media Account

The US Securities and Exchange Commission did not implement two-factor authentication for their official X account.

The value of one bitcoin suddenly gained more than USD1,000 after hackers seized control of a phone number belonging to the US Securities and Exchange Commission (SEC) and used it to compromise the regulator’s account on X, formerly known as Twitter. The hackers posted a message to X on Tuesday that claimed the SEC…

…grants approval for #Bitcoin ETFs for listing on all registered national securities exchanges

ETFs stands for exchange-traded funds, a type of vehicle that allows investors to bet on assets like stocks, bonds, currencies or gold without having to buy them directly. The SEC regained control of their X account a little while later and deleted the bogus message. Meanwhile, SEC Chair Gary Gensler used his personal X account to refute the hackers’ claim.

The fraudulent message encouraged the value of Bitcoin to rise more than 2 percent within just a few minutes, but that gain was reversed within the following quarter of an hour as the truth became apparent. However, prevention is better than cure, especially when it comes to fraud. Many questions will be asked about how the hackers were able to subvert an SEC phone number and then use it to post to an official social media account. X were keen to avoid any blame, insisting that the hijack of the SEC phone had not involved the compromise of any of X’s systems. They added that the SEC had not implemented two-factor authentication for their X account.

The mind boggles at how the SEC could have such lax security that they did not implement two-factor authentication for their social media account. Fraudsters have repeatedly used stolen and bogus social media accounts to launch cryptocurrency scams or pump up the valuation of specific cryptocurrencies, but it apparently did not occur to anybody working at the SEC’s security team that their own accounts might be targeted. Well-known cryptocurrency crime investigator ZachXBT was quick to mock the SEC Chair by repeating his own words back to him.

One security consultant told nft now that ‘sources’ had informed him that a SIM swap was used to compromise the SEC’s phone. However, the anonymous nature of the source makes this claim impossible to verify. Even if true, it could just be a lucky guess about a method that cryptocurrency fraudsters have repeatedly used with great success.

Ironically, the hackers’ message was correct just one day later when the SEC genuinely approved the first spot bitcoin ETFs. However, the speed of news in cryptocurrency circles means millions can be gained or lost within minutes, which is why fake news is so dangerous.

The moral of the story is plain: prevent your phone becoming a gateway for crime by implementing a robust method of two-factor authentication that is independent of the phone service. And the other moral is that regulators should practice what they preach to the rest of us.

Eric Priezkalns
Eric Priezkalnshttp://revenueprotect.com

During his career, Eric has been a Director of Risk Management for a national telco, the Chief Executive of the Risk & Assurance Group, a Chief Marketing Officer for a software business, a consultant, a public speaker and the publisher of Commsrisk since its launch in 2006. Look here for more about the history of Commsrisk and the role played by Eric.

The comms providers that Eric has worked for include Qatar Telecom, Cable & Wireless, T‑Mobile, Sky and Worldcom. In addition to his proficiency at speaking about the current scamdemic, Eric is also a qualified chartered accountant and a subject matter expert in consumer protection, enterprise risk management, fraud prevention, data integrity and billing accuracy. Eric was the lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He can be reached through the contact form on this website.

Related Articles

The Commsrisk Global Fraud Dashboard


Our Global Fraud Dashboard uses AI-powered search to collate, update and visualize data about scams and other network abuses from around the world. New charts are added each month. See it here.

Get Our Weekly Newsletter by Email