Questions are being raised over security measures at X after hackers were blamed for a fake post on the US financial market regulator’s account that prompted a jump in the value of Bitcoin.
Crypto investors were widely anticipating confirmation from the US Securities and Exchange Commission (SEC) this week that it had approved a Bitcoin exchange-traded fund.
Such a move would allow investment without the need to buy Bitcoin through an exchange.
So there were initially no alarm bells when the SEC’s X account revealed on Tuesday night that it had granted “approval for #Bitcoin ETFs for listing on all registered national securities exchanges.”
Bitcoin’s value stood just below $48,000 in the wake of the post, having shot up from around $46,730.
But that growth was soon erased when SEC chairman Gary Gensler used his personal account on X to declare that the SEC’s account had been compromised.
“The SEC has not approved the listing and trading of spot bitcoin exchange-traded products,” he said.
He called the post “unauthorized”, without providing further explanation.
Bitcoin was trading at $45,600 on Wednesday morning.
X said via its safety account that a preliminary investigation had found “an unidentified individual” had taken control of a phone number associated with the SEC account “through a third party.”
It went on to explain that @SecGov did not have two-factor authentication activated, as X recommends.
While US politicians criticised the SEC for its security controls, others pointed the finger of blame at Elon Musk’s company.
Be the first to get Breaking News
Install the Sky News app for free
He took an axe to content moderation and security teams after taking over the platform, then known as Twitter, in late 2022.
Austin Berglas, a former cybersecurity official at the FBI’s New York office and a senior executive at the security firm
BlueVoyant, said of the incident: “Something like that, where you can take over the SEC account and potentially affect the value of bitcoin in the market – there’s massive opportunity for disinformation.”
Brett Callow, an analyst with the cybersecurity firm Emsisoft, added: “The consequences of account takeovers could potentially be significant, and especially during an election year.”
X was yet to provide a statement.