Hacker's Fake Bitcoin ETF Post on X Triggers Market Chaos
Generado por agente de IAHarrison Brooks
martes, 11 de febrero de 2025, 12:43 am ET2 min de lectura
BTC--
On Monday, an Alabama resident, Eric Council Jr., pleaded guilty to hacking the U.S. Securities and Exchange Commission's (SEC) X account and posting a fake Bitcoin BTC/USD exchange-traded fund (ETF) approval message. This incident caused millions of dollars in market losses and triggered a financial wipeout for thousands of traders. The hacked tweet sent the market soaring, with Bitcoin's price increasing by more than $1,000, only to plummet minutes later when the SEC confirmed the announcement was unauthorized. Over $220 million was liquidated from the cryptocurrency market in the ensuing chaos.
Council used a SIM swap attack to gain unauthorized access to the SEC's official X account. He executed a SIM swap of the mobile phone account associated with the @SECgov X account to obtain the password reset codes. A member of the conspiracy then used these codes to gain access to the @SECGov X account and issue a fraudulent post in the name of the then-SEC Chairman, falsely announcing SEC approval of Bitcoin (BTC) Exchange Traded Funds (ETFs).
The incident highlighted vulnerabilities in both physical and digital security systems. Council exploited weaknesses in the physical security measures at an AT&T store by using a fake ID to impersonate the authorized user of the phone number linked to the official @SECgov X account. He then bypassed digital security measures by activating the SIM card on a new iPhone and receiving the @SECGov X password reset codes.
To address these vulnerabilities, organizations should implement stricter ID verification processes for SIM card replacements, train employees to be more vigilant, and consider using biometric authentication or other advanced verification methods. Additionally, organizations should implement multi-factor authentication (MFA) for all accounts, using methods other than SMS-based codes, regularly monitor and log account activity for suspicious behavior, and keep software and systems up-to-date with the latest security patches.
The hacker's actions also raised questions about the SEC's regulatory capabilities and market manipulation. To restore confidence, the SEC should strengthen its security protocols, promptly and transparently communicate any security incidents or breaches to the public, actively investigate and prosecute individuals responsible for security breaches, provide clear and timely guidance on its regulatory stance on cryptocurrencies and related products, and collaborate with industry stakeholders to share information and best practices on cybersecurity and market integrity.
Market manipulation played a significant role in the price fluctuations of Bitcoin following the fake announcement. To better protect investors from such incidents, regulators should enhance the security of official accounts, improve communication, monitor and investigate suspicious activities, educate investors about the risks of market manipulation, strengthen enforcement, and collaborate with industry stakeholders to develop best practices and enhance market integrity.
In conclusion, the hacker's actions exposed vulnerabilities in both physical and digital security systems and raised concerns about the SEC's regulatory capabilities and market manipulation. To address these issues, organizations should strengthen their security measures, and regulators should take steps to better protect investors from market manipulation and ensure a more stable and secure trading environment.
SIM--
On Monday, an Alabama resident, Eric Council Jr., pleaded guilty to hacking the U.S. Securities and Exchange Commission's (SEC) X account and posting a fake Bitcoin BTC/USD exchange-traded fund (ETF) approval message. This incident caused millions of dollars in market losses and triggered a financial wipeout for thousands of traders. The hacked tweet sent the market soaring, with Bitcoin's price increasing by more than $1,000, only to plummet minutes later when the SEC confirmed the announcement was unauthorized. Over $220 million was liquidated from the cryptocurrency market in the ensuing chaos.
Council used a SIM swap attack to gain unauthorized access to the SEC's official X account. He executed a SIM swap of the mobile phone account associated with the @SECgov X account to obtain the password reset codes. A member of the conspiracy then used these codes to gain access to the @SECGov X account and issue a fraudulent post in the name of the then-SEC Chairman, falsely announcing SEC approval of Bitcoin (BTC) Exchange Traded Funds (ETFs).
The incident highlighted vulnerabilities in both physical and digital security systems. Council exploited weaknesses in the physical security measures at an AT&T store by using a fake ID to impersonate the authorized user of the phone number linked to the official @SECgov X account. He then bypassed digital security measures by activating the SIM card on a new iPhone and receiving the @SECGov X password reset codes.
To address these vulnerabilities, organizations should implement stricter ID verification processes for SIM card replacements, train employees to be more vigilant, and consider using biometric authentication or other advanced verification methods. Additionally, organizations should implement multi-factor authentication (MFA) for all accounts, using methods other than SMS-based codes, regularly monitor and log account activity for suspicious behavior, and keep software and systems up-to-date with the latest security patches.
The hacker's actions also raised questions about the SEC's regulatory capabilities and market manipulation. To restore confidence, the SEC should strengthen its security protocols, promptly and transparently communicate any security incidents or breaches to the public, actively investigate and prosecute individuals responsible for security breaches, provide clear and timely guidance on its regulatory stance on cryptocurrencies and related products, and collaborate with industry stakeholders to share information and best practices on cybersecurity and market integrity.
Market manipulation played a significant role in the price fluctuations of Bitcoin following the fake announcement. To better protect investors from such incidents, regulators should enhance the security of official accounts, improve communication, monitor and investigate suspicious activities, educate investors about the risks of market manipulation, strengthen enforcement, and collaborate with industry stakeholders to develop best practices and enhance market integrity.
In conclusion, the hacker's actions exposed vulnerabilities in both physical and digital security systems and raised concerns about the SEC's regulatory capabilities and market manipulation. To address these issues, organizations should strengthen their security measures, and regulators should take steps to better protect investors from market manipulation and ensure a more stable and secure trading environment.
Divulgación editorial y transparencia de la IA: Ainvest News utiliza tecnología avanzada de Modelos de Lenguaje Largo (LLM) para sintetizar y analizar datos de mercado en tiempo real. Para garantizar los más altos estándares de integridad, cada artículo se somete a un riguroso proceso de verificación con participación humana.
Mientras la IA asiste en el procesamiento de datos y la redacción inicial, un miembro editorial profesional de Ainvest revisa, verifica y aprueba de forma independiente todo el contenido para garantizar su precisión y cumplimiento con los estándares editoriales de Ainvest Fintech Inc. Esta supervisión humana está diseñada para mitigar las alucinaciones de la IA y garantizar el contexto financiero.
Advertencia sobre inversiones: Este contenido se proporciona únicamente con fines informativos y no constituye asesoramiento profesional de inversión, legal o financiero. Los mercados conllevan riesgos inherentes. Se recomienda a los usuarios que realicen una investigación independiente o consulten a un asesor financiero certificado antes de tomar cualquier decisión. Ainvest Fintech Inc. se exime de toda responsabilidad por las acciones tomadas con base en esta información. ¿Encontró un error? Reportar un problema
SOBRE NOSOTROS
Nuestra historiaAutores de noticiasBase de conocimientosPolítica de privacidadTérmino de usoDescargo de responsabilidad de corretaje de tercerosTérminos de uso de AIMEDivulgaciones de riesgos de AInvest AICarrerasCONTÁCTENOS
Email: support@ainvest.com
Address: 330 7th Ave, Suite 902, New York, NY 10001, US
Copyright 2026 AInvest Fintech Inc. All rights reserved.
Comentarios
Aún no hay comentarios