The SEC’s X account was hijacked to post a fake approval of Bitcoin ETFs

Image: Nick Barclay / The Verge

The Securities and Exchange Commission’s official social media account on X (formerly Twitter) posted a notice on Tuesday evening claiming it had approved listings for Bitcoin exchange-traded funds, or ETFs, which has since been deleted. Moments later, SEC Chair Gary Gensler said in a post on his own account that the agency’s account was “compromised, and an unauthorized tweet was posted.”

The SEC followed up with a post reiterating Gensler’s statement about the hack, and a spokesperson from the agency confirmed that statement to CNBC.

The post from the SEC’s account said, “Today the SEC grants approval for #Bitcoin ETFs for listing on all registered national securities. The approved Bitcoin ETFs will be subject to ongoing surveillance and compliance measures to ensure continued investor protection.” It included an image of Gensler next to the quote, but it was clearly missing any link to the SEC’s website that would normally accompany this kind of news.

Screenshot by Emma Roth / The Verge

Whoever compromised the SEC’s account also began liking posts from crypto-focused accounts that expressed excitement about the SEC’s false approval of Bitcoin ETFs. Even though the SEC’s fake post was only live for a matter of minutes, it still managed to trigger a steep spike in the price of Bitcoin that brought it from around $46,746 to $47,863. That price has since sunk to $45,633 at this time of writing, according to data from CoinDesk.

Screenshot by Emma Roth / The Verge
Can you tell when the SEC’s fake announcement went out?

Exchange-traded funds, or ETFs, are bundles of assets that work sort of like mutual funds, with shares of the ETFs trading on exchanges as stocks do. A Bitcoin ETF would make it easier for investors to speculate on the price of Bitcoin without having to hold Bitcoin directly. That also lets them avoid setting up their own cryptocurrency wallets and so on. The SEC has previously rejected all attempts at a Bitcoin ETF.

Last week, a report from Bleeping Computer highlighted how hackers are increasingly targeting government or business profiles on X to promote crypto scams and phishing sites. Access to these accounts, which are identifiable by their gold (for business) and gray (for government profiles) checkmarks, are even up for sale on the dark web, according to a report from the cyberintelligence company CloudSEK. Mandiant, the cybersecurity firm owned by Google, was just one of the high-profile accounts that had fallen victim to hackers, as its account was hijacked last week to advertise a crypto scam that drained users’ wallets.

Recent Articles

Related Stories