The official Twitter account of the US Securities and Exchange Commission (SEC) recently fell victim to a SIM swap attack [1], where hackers gained control of the account by manipulating the phone provider [4]. This resulted in a false announcement about the approval of Bitcoin Exchange Traded Funds (ETFs) [1], causing a temporary spike in the price of Bitcoin. However, the SEC later confirmed the approval. This incident highlights the growing threat of SIM swap attacks and raises concerns about the use of SMS-based two-factor authentication.

Description

Earlier this month, hackers targeted the official Twitter account of the SEC through a SIM swap attack. By manipulating the phone provider, they had the phone number tied to the account transferred to a device under their control. With control of that number, they were able to reset the password and take full control of the account. Fortunately, the unauthorized party did not gain access to SEC systems or data [1]. The SEC is currently investigating the incident with the Office of the Inspector General and the FBI [2].

It was later discovered that the hijacked account was used to publish a false announcement about the approval of Bitcoin ETFs. This caused a temporary spike in the price of Bitcoin before the price dropped again. However, the SEC later confirmed that it had indeed approved Bitcoin ETFs [4]. The account did not have multi-factor authentication (MFA) enabled at the time of the attack [3][4], as it had been disabled due to login issues [4]. MFA has since been re-enabled on the account [1].

Law enforcement is currently investigating how the hackers were able to convince the telecom carrier to change the SIM for the account and how they knew which phone number was associated with it [1]. SIM swap attacks are becoming a significant security threat for government agencies and corporations [3], as they are being used for various criminal purposes beyond cryptocurrency theft [3]. This incident also highlights the vulnerability of high-profile Twitter accounts to this type of attack, as SIM swapping has been used in the past to compromise other accounts.

Conclusion

The SIM swap attack on the SEC’s Twitter account has raised concerns about the security of SMS-based two-factor authentication. It emphasizes the need for more secure methods to protect sensitive accounts. The incident also highlights the potential impact of false announcements on cryptocurrency markets and the importance of verifying information before reacting to it. Moving forward, the SEC is working with law enforcement and oversight agencies to investigate the hack and identify the perpetrator. The agency has taken steps to enhance security by enabling multi-factor authentication on all of its social media accounts.

References

[1] https://www.infosecurity-magazine.com/news/sec-sim-swap-attack-x-account/
[2] https://news.yahoo.com/us-secs-x-account-hacked-210147926.html
[3] https://www.cnbc.com/2024/01/22/new-details-emerge-about-secs-x-account-hack-including-sim-swap.html
[4] https://www.techradar.com/pro/sec-reveals-how-its-twitter-account-was-hacked-and-its-rather-embarrassing