For the past six months, the crypto industry has been eagerly awaiting a decision from the U.S. Securities and Exchange Commission (SEC) regarding the first spot-based Bitcoin ETF in the United States. Shortly after yesterday's market close, the approval was finally announced on the official Twitter account - and deleted minutes later.
The SEC's verified Twitter account stated that the agency had approved the listing of Bitcoin ETFs on all registered securities exchanges. A picture of Chairman Gary Gensler with a quote about the supposed milestone for digital asset trading accompanied the announcement. A few minutes later, however, Gensler stated on his personal Twitter profile that it was a false report from a hacker.
Newsflash: There was just a bogus posting from the @SECGov account that the SEC has approved a Bitcoin Spot ETF. You just can't make this stuff up. https://t.co/aES1yEb4D9 pic.twitter.com/unXsW9xvVt
— John Reed Stark (@JohnReedStark) January 9, 2024
Moderate market reaction to false Bitcoin ETF report
Although the price of Bitcoin immediately responded to the Twitter post with a spike of about 2% to $48,000, skepticism quickly grew and the spike lasted only four minutes. Traders gradually realized that it was a false report, leading to a correction of -6.17% in the bitcoin price.
Bitcoin BTC/USDT (5min) / Charts: Tradingview
As the misinformation only appeared on Twitter, the overall market reaction was relatively limited. Approximately $65 million in derivative positions were liquidated on centralized exchanges in the 20 minutes around the bitcoin ETF announcement. By comparison, on volatile trading days like last Wednesday, liquidation figures are well into the hundreds of millions.
The best articles of the week, directly delivered into your mailbox.Subscribe to our newsletter
SEC did not use two-factor authentication (2FA)
In a post-mortem, an official Twitter team channel confirmed the malicious takeover of the SEC profile. A preliminary investigation revealed that the compromise was due to the hijacking of the phone number associated with the SEC account. In addition, the Twitter team confirmed the lack of two-factor authentication (2FA). Two-factor authentication is a security measure that requires users to provide two different forms of identification, typically a password and a temporary code on a mobile phone.
Preventing the popular SIM swap attack is critical in this context. SIM swap is a fraudulent technique in which a hacker convinces a mobile service provider to transfer the victim's phone number to a new SIM card under the attacker's control, allowing calls and messages to be intercepted. For official channels, two-factor authentication is even more critical when false reports can affect the market.
This is a reminder to secure your financial accounts as well as protect against identity theft and fraud.
Remember to:
🔒Use strong passphrases or passwords
🔒Set up multifactor authentication
🔒Keep account alerts turned on#CybersecurityAwarenessMonthhttps://t.co/qitGkujLxD— Gary Gensler (@GaryGensler) October 24, 2023
