SEC’s X account fell victim to SIM swap attack

The SEC’s X attack happened after the agency disabled two-factor authentication in July 2023

by Katherine Ross /
article-image

Artwork by Crystal Le

share

The US Securities and Exchange Commission admitted that the two-factor authentication on its X account had been disabled since July 2023. 

The SEC’s official X account was compromised earlier this month. An unauthorized person was able to not only access the account itself, but made a fake post announcing the approval of spot bitcoin ETFs. 

The post was left up on the account for roughly 15 minutes before Chair Gary Gensler took to his own account to announce that the SEC’s had been compromised. 

In a follow up statement detailing what happened, the SEC said that X support asked the regulatory agency to disable the multi-factor authentication after the agency had difficulty accessing the account. 

Newsletter

Subscribe to Blockworks Daily

Read more: ‘A real low point’: Congressman calls out SEC bitcoin ETF drama during House hearing

“MFA remained disabled until staff re-enabled it after the account was compromised on Jan. 9. MFA currently is enabled for all SEC social media accounts that offer it,” the statement said. 

The hacker was able to access the account through a SIM swap, which is when a phone number is transferred to another device without authorization. 

“Access to the phone number occurred via the telecom carrier, not via SEC systems. SEC staff have not identified any evidence that the unauthorized party gained access to SEC systems, data, devices or other social media accounts,” the SEC said.  

Read more: SEC should be held accountable for X account compromise: US senator says

The regulatory body is working with the Federal Bureau of Investigations, Homeland Security, the US Department of Justice and its own Division of Enforcement to track down the attacker. The agency previously disclosed that the FBI and Homeland Security’s cybersecurity department were involved in the investigation. 

“Among other things, law enforcement is currently investigating how the unauthorized party got the carrier to change the SIM for the account and how the party knew which phone number was associated with the account,” the statement continued.

Start your day with top crypto insights from David Canellis and Katherine Ross. Subscribe to the Empire newsletter.

Explore the growing intersection between crypto, macroeconomics, policy and finance with Ben Strack, Casey Wagner and Felix Jauvin. Subscribe to the Forward Guidance newsletter.

Get alpha directly in your inbox with the 0xResearch newsletter — market highlights, charts, degen trade ideas, governance updates, and more.

The Lightspeed newsletter is all things Solana, in your inbox, every day. Subscribe to daily Solana news from Jack Kubinec and Jeff Albus.

Tags

Upcoming Events

Digital Asset Summit 2025

Javits Center North | 445 11th Ave

Tues - Thurs, March 18 - 20, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

learn more

recent research

Flashnote Template Presentation (2).jpg

Research

Analyst Takes: Post-Election Insights

With the recent election, it’s clear that there will be a meaningful shift in crypto regulations and legislation. Trump is likely as pro-crypto as a president can be. He launched (multiple) of his own NFT collections and is launching an Aave wrapper called World Liberty Fi. He has also spoken out and mentioned that he wants to make the United States "the crypto capital of the planet" and transform it into the "Bitcoin superpower of the world". He proposed creating a strategic national Bitcoin stockpile alongside support from Senator Cynthia Lummis, promising to retain 100% of all Bitcoin held by the U.S. government. More importantly, we’re likely to see deregulation across the board in a lot of industries, with crypto being one of them - as Trump has committed to keeping the crypto market largely unregulated. Crypto, DeFi in particular, has historically been knee-capped by overreaching and hostile governmental agencies and regulation by enforcement, as evidenced by the plethora of Wells notices and lawsuits over the past few years. With Donald Trump winning the presidency, Republicans taking control of the Senate, and being on the verge of securing the House, we think it’s likely that crypto realizes positive regulatory clarity. Below, you can find our analysts’ takes:

by Boccaccio

/

news

article-image

Empire NewsletterMarkets

ETH killers are still no closer to doing the deed

Solana is the crowd favorite to potentially flip Ethereum somewhere down the line, and it tends to feel realistic at times

by David Canellis /
article-image

FinanceForward Guidance Newsletter

ETF investors lack interest in crypto, report finds?

Of course, a lot has happened since the 600+ survey respondents shared their thoughts between Aug. 15 and Oct. 1

by Ben Strack /
article-image

Opinion

Big Tech can’t own AI’s future if we decentralize it first

AI’s future shouldn’t be decided by a handful of tech giants

by Zac Cheah /
article-image

BusinessForward Guidance Newsletter

A post-election check-in on a crypto firm still trying to go public

A look at software wallet Exodus may show how an SEC shakeup could have a real impact on industry companies

by Ben Strack /
article-image

Forward Guidance NewsletterPolicy

Trump is building his cabinet top-down, and crypto is toward the bottom 

Co-chairing Trump’s transition team to help fill administration positions is Cantor Fitzgerald CEO Howard Lutnick

by Casey Wagner /
article-image

DeFiLightspeed Newsletter

Solana-based answer to Ethena wins ‘Radar’ hackathon

Reflect is a delta-neutral currency protocol that lets tokens accrue yield without touching the banking system

by Jack Kubinec /