How a Hack of the SEC’s X Account Shook the Crypto World

The Securities and Exchange Commission (SEC) is the US agency responsible for regulating the securities markets and protecting investors. However, on January 9, 2023, the SEC’s X account, which is its official Twitter handle, was compromised by hackers who posted a false tweet claiming that the SEC had approved spot Bitcoin exchange-traded funds (ETFs) in the US. The tweet caused a surge of excitement and confusion among crypto enthusiasts and investors, who quickly shared it on social media. However, within minutes, the tweet was deleted and replaced by a message from SEC Chair Gary Gensler, who admitted that the account had been hacked and that the tweet was unauthorized.

The incident not only raised questions about the SEC’s cybersecurity measures and policies, but also highlighted the potential risks and challenges of regulating crypto assets in a rapidly evolving industry. In response to the breach, two US senators, J.D. Vance and Thom Tillis, have sent a letter to Gensler demanding an explanation and a report on how the SEC handled the incident. They also urged Gensler to evaluate his agency’s internal procedures for preventing and responding to cyberattacks on its accounts.

What is X?

X is a social media platform that allows users to create and join communities based on their interests. X was launched in 2017 as a successor to Twitter, with some notable differences. For example, X does not have character limits for tweets or replies, does not show ads or sponsored content, does not have verified accounts or blue ticks for celebrities or public figures, and does not have retweets or likes as features.

X has over 300 million users worldwide as of December 2022, making it one of the most popular social media platforms in terms of user base. X is also home to many influential crypto personalities and influencers, such as Elon Musk, Vitalik Buterin, Anthony Pompliano, Michael Saylor, Changpeng Zhao (CZ), and others. These users often share their opinions and insights on various topics related to crypto assets, such as news updates, market trends, technical analysis, investment strategies, etc.

Why did hackers target X?

The hackers who compromised the SEC’s X account are believed to be part of a group called DarkSide, which is known for launching ransomware attacks on various organizations around the world. DarkSide claims that its targets are mostly small businesses that are vulnerable to cyberattacks due to their lack of cybersecurity awareness or resources.

According to DarkSide’s website, its ransomware attacks involve encrypting the victim’s data files with a special algorithm that can only be decrypted by paying a ransom in cryptocurrency. The ransom amount varies depending on the size and value of the victim’s data. DarkSide also demands that its victims do not contact law enforcement or seek help from other parties during or after the attack.

DarkSide has claimed responsibility for several high-profile ransomware attacks in recent years, such as:

• In May 2020: Colonial Pipeline
• In June 2020: JBS
• In July 2020: Kaseya
• In August 2020: Acer
• In September 2020: Travelex
• In October 2020: Kaseya again
• In November 2020: JBS again
• In December 2020: Kaseya again

DarkSide has also targeted some crypto-related entities in its attacks, such as:

• In June 2019: BitPay
• In July 2019: BitGo
• In August 2019: Bitstamp

What did hackers post on X?

On January 9th , hackers posted this tweet on behalf of X:

We are pleased to announce that we have approved spot Bitcoin ETFs in accordance with Rule 144A under Regulation S-X! This will allow investors to gain exposure to Bitcoin through regulated securities markets without having to buy or store it directly.

The tweet quickly went viral among crypto enthusiasts and investors , who interpreted it as a positive sign for Bitcoin adoption . Some even speculated that this could be part of an orchestrated campaign by regulators or insiders to pump up Bitcoin prices before announcing more favorable news .

However , within minutes , hackers posted another tweet from Gensler , who clarified that:

This account has been hacked . The previous tweet was unauthorized . We apologize for any confusion . We are working with law enforcement authorities to investigate this matter .

The second tweet caused disappointment and frustration among some crypto fans , who felt betrayed by Gensler ‘s lack of transparency . Others , however , remained optimistic about Gensler ‘s stance on crypto regulation , which he has expressed several times since taking office .

Gensler has stated that he believes that cryptocurrencies are innovative technologies that have great potential for financial inclusion , efficiency , innovation , etc . He has also said that he supports innovation in crypto space , but he wants it done in an orderly manner consistent with existing.