January 23, 2024 at 06:54AM
Hackers used SIM swapping to take over the US Securities and Exchange Commission’s Twitter account, announcing the approval of a bitcoin exchange-traded fund. After the post caused a spike in bitcoin price, the agency clarified that the account had been compromised. The hackers gained unauthorized access through a telecom carrier and law enforcement is investigating.
Based on the meeting notes you provided, it appears that the US Securities and Exchange Commission (SEC) experienced a serious security breach involving the takeover of its X (formerly Twitter) account through a SIM swapping attack. This attack resulted in the unauthorized announcement of the approval of a bitcoin exchange-traded fund (ETF), leading to a significant increase in the price of bitcoin.
The hackers compromised the SEC’s account by tricking its telecom carrier into transferring the phone number associated with the X account to a SIM card under their control. They then used this phone number to reset the password for the @SECGov account.
It was noted that multi-factor authentication (MFA) had been disabled by X support since July 2023 and was only re-enabled after the incident. The SEC emphasized that the hack did not occur via its systems and that there was no evidence that the attackers gained access to SEC systems, data, devices, or other social media accounts.
The SEC took immediate action by deleting the hackers’ post, announcing the compromise, and terminating unauthorized access with the assistance of X. Law enforcement was contacted promptly, and the SEC has been collaborating with authorities in their investigation of the attack.
In summary, the SEC endured a SIM swapping attack on its X account, resulting in the propagation of false information about a bitcoin ETF approval. The incident has prompted the SEC to re-enable multi-factor authentication and collaborate with law enforcement to understand the attack’s details.
I hope this summary captures the key takeaways from the meeting notes. Let me know if you need further information or assistance.