Share
-
-
COPIED
Today, Jan. 9, a tweet from the official SEC X (formerly known as Twitter) account announced that it had approved Bitcoin spot exchange-traded funds for listing in registered securities markets.
“The approved Bitcoin ETFs will be subject to ongoing surveillance and compliance measures to ensure continued investor protection,” the account posted on X. The tweet has since been deleted.
However, a few minutes later, SEC chair Gary Gensler’s Twitter account contradicted this. “The @SECGov Twitter account was compromised, and an unauthorized tweet was posted. The SEC has not approved the listing and trading of spot bitcoin exchange-traded products,” posted the account.
The price of Bitcoin itself jumped over $1,000 in response to the announcement, then fell to $46,000. Ether fell three percent to $2,260.
“Over $300 million has been liquidated from the #Bitcoin market amid the SEC’s official X account being hacked, and falsely claiming the Bitcoin Spot ETF had been approved,” posted WhaleWire.
Plumferno, a security researcher who formerly worked at OpenSea, said that she had heard from her sources that the SEC had been SIM swapped. She was notified just before the SEC account tweeted, she told nft now exclusively.
“The account was sim swapped for the sole purpose of the perpetrators being able to create massive shorts from it and profit without needing to even post a drainer link.”
PLUMFERNO
“I was informed moments prior to Gary posting that the SEC account was sim swapped. I didn’t have enough time before his post to warn anyone before it was public knowledge (so wasn’t hanging on to it for personal gain or anything). I didn’t have enough time to make a warning post of my own, wasn’t able to create any shorts etc. Have not benefited financially,” she told us in a direct message.
While many compromised accounts have posted wallet drainers, this attack was to move markets, Plumferno said. “According to my sources, the account was sim swapped for the sole purpose of the perpetrators being able to create massive shorts from it and profit without needing to even post a drainer link,” she explained.
Another security source confirmed to nft now that the account had been SIM swapped and provided screenshots of direct messages proving they had been in touch with an X employee to alert them to the issue.
SIM swapping refers to an attack where a hacker gains control of a victim’s phone number and use it to compromise their accounts via a weakness in two-factor authentication (2FA) tied to that phone number. Because the attack often involves fooling phone carriers into resetting the SIM card by impersonating the target, they can be challenging to prevent. Security experts recommend using a physical key such as a YubiKey or an authenticator app instead of SMS 2FA.
At 10:28 p.m. EST, X’s official Safety account confirmed that the SEC’s account had been compromised due to “an unidentified individual obtaining control over a phone number associated with the @SECGov account through a third party.” It also confirmed that the account did not have 2FA enabled at the time of the compromise.
The web3 community was quick to respond to the debacle in typical fashion with memes, jokes, and frenzied speculation over the highly unusual sequence of events.
Security researcher 0xQuit posted: “OK guys. It was a sell the news event. But the news was fake. So now it’s a rumor again. We now know it’s a sell the news, so you should probably sell the rumor, which I guess means you should buy the news.”
“I hope the SEC is better at protecting investors than they are their Twitter credentials,” he replied to Gensler’s account’s rebuttal of the SEC account’s post.
“If only there was some sort of set of technologies that could make forging messages like this physically impossible, along with some sort of ledger that could make censoring them economically impossible,” said anonymous privacy advocate dystopiabreaker in response to the account compromise.
The immediate reaction from observers indicates that this false report should not affect the ETF announcement timetable. “I don’t THINK that false positive approval tweet changes anything, and I have to just assume the timing is still the same: We’re still expecting potential approvals tomorrow and for potential trading to begin Thursday,” Bloomberg’s James Seyffart posted on X.
Editor’s note: This is a developing breaking news story and will be updated.
