The Securities and Exchange Commission has linked a SIM swapping attack to its account breach on X earlier this month, which led to the creation of a fake post announcing approval of Bitcoin ETFs that caused the cryptocurrency’s price to spike. In an update on Monday, the SEC says an “unauthorized party obtained control of the SEC cell phone number associated with the account in an apparent ‘SIM swap’ attack.”
- Home
- Technology
- News
A SIM-swapping attack was behind the SEC’s fake Bitcoin post
The Securities and Exchange Commission says a SIM swapping attack was responsible for its account breach on X earlier this month.
A SIM-swapping attack occurs when a bad actor obtains a victim’s phone number through techniques like social engineering. That allows the attacker to intercept calls and texts intended for the victim, including two-factor authentication codes, which they can then use to sign in to their victim’s accounts.
In the SEC’s case, a bad actor reset the password for its X account after gaining control of the phone number linked to it. While the SEC says multifactor authentication was previously enabled on the agency’s X account, it was “disabled by X Support, at the staff’s request, in July 2023 due to issues accessing the account.” The SEC only reenabled MFA after it realized its account was compromised on January 9th, and says it has MFA active on all of its other social media accounts that have the option.
The SEC says law enforcement is still investigating how the attacker found out which phone number it was using for its X account, and how they got the mobile carrier to swap SIMs.
Sources: Heat's Butler prefers trade out of Miami
- 5 hours ago
Waiver wire: Potential replacements for James Conner, Jalen Hurts
- 5 hours ago
Chiefs capture AFC's top seed as Steelers lose third straight
- 5 hours ago
AP women's college basketball poll reaction: Where does UConn land after loss to USC
- 5 hours ago
Bears' Brown denies late-game confusion in loss
- 5 hours ago
Embiid ejected in chaotic opening half in Philly
- 5 hours ago