The US Securities and Exchange Commission (SEC) confirmed this Tuesday, 23, that your account on X (formerly Twitter) was hacked through a SIM swap attack — a type of phone line identity — on the number cell phone associated with the account.
Earlier this month, the SEC account on X was hacked and subsequently a false message was posted stating that several requests from managers to launch Bitcoin ETFs on securities exchanges had been approved. Minutes later, however, the president of the municipality denied the information.
Ironically, the body that regulates publicly traded companies in the United States approved Bitcoin ETFs in a legitimate announcement the next day. However, at the time, it was unclear how the account was breached, with the SEC saying it would provide updates on the investigation as soon as it became available.
Today, the SEC confirmed that a cell phone account associated with the X account suffered a SIM swapping attack. “Two days after the incident, in consultation with the telecommunications carrier, the SEC found that the unauthorized party gained control of the cell phone number associated with the X account in an apparent ‘SIM swap’ attack,” explains one updated press release from the SEC regarding the breach.
In SIM swapping attacks, threat actors trick the victim’s mobile carrier into transferring the customer’s phone number to a device under the attacker’s control. This allows all texts and phone calls sent to the device to be recovered by hackers, including password reset links and one-time passwords for multi-factor authentication (MFA).
According to the SEC, the hackers did not have access to the agency’s internal systems, data, devices, or other social media accounts, and the SIM swap occurred by tricking your cell phone carrier into porting the number. Once they controlled the number, they reset the password for the @SECGov account to create the fake ad.
The SEC says it continues to work with law enforcement to investigate how the attackers conducted the SIM-swap attack with their wireless carrier. The agency also confirmed that multi-factor authentication was not enabled on the account, as they asked X support to disable it when they encountered problems logging into the account.
Sources: CisoAdvisor, SecGov
