Questions are being raised over security measures at X after hackers were blamed for a fake post on the US financial market regulator’s account that prompted a jump in the value of Bitcoin.
Crypto investors were widely anticipating confirmation from the US Securities and Exchange Commission (SEC) this week that it had approved a Bitcoin exchange-traded fund.
Such a move would allow investment without the need to buy Bitcoin through an exchange.
So there were initially no alarm bells when the SEC’s X account revealed on Tuesday night that it had granted “approval for #Bitcoin ETFs for listing on all registered national securities exchanges”.
Bitcoin’s value stood just below $48,000 in the wake of the post, having shot up from around $46,730.
But that growth was soon erased when SEC chairman Gary Gensler used his personal account on X to declare that the SEC’s account had been compromised.
“The SEC has not approved the listing and trading of spot bitcoin exchange-traded products,” he said.
He called the post “unauthorised”, without providing further explanation.
This content is provided by X, which may be using cookies and other technologies.
To show you this content, we need your permission to use cookies.
You can use the buttons below to amend your preferences to enable X cookies or to allow those cookies just once.
You can change your settings at any time via the Privacy Options.
Unfortunately we have been unable to verify if you have consented to X cookies.
To view this content you can use the button below to allow X cookies for this session only.
Bitcoin was trading at $45,600 on Wednesday morning.
X said via its safety account that a preliminary investigation had found “an unidentified individual” had taken control of a phone number associated with the SEC account “through a third party”.
It went on to explain that @SecGov did not have two-factor authentication activated, as X recommends.
While US politicians criticised the SEC for its security controls, others pointed the finger of blame at Elon Musk’s company.
He took an axe to content moderation and security teams after taking over the platform, then known as Twitter, in late 2022.
Austin Berglas, a former cybersecurity official at the FBI’s New York office and a senior executive at the security firm
BlueVoyant, said of the incident: “Something like that, where you can take over the SEC account and potentially affect the value of Bitcoin in the market – there’s massive opportunity for disinformation.”
Brett Callow, an analyst with the cybersecurity firm Emsisoft, added: “The consequences of account takeovers could potentially be significant, and especially during an election year.”
X has yet to provide a statement.