Photo by Amelia Holowaty Krales / The Verge
The Securities and Exchange Commission has linked a SIM swapping attack to its account breach on X earlier this month, which led to the creation of a fake post announcing approval of Bitcoin ETFs that caused the cryptocurrency’s price to spike. In an update on Monday, the SEC says an “unauthorized party obtained control of the SEC cell phone number associated with the account in an apparent ‘SIM swap’ attack.”
A SIM-swapping attack occurs when a bad actor obtains a victim’s phone number through techniques like social engineering. That allows the attacker to intercept calls and texts intended for the victim, including two-factor authentication codes, which they can then use to sign in to their victim’s accounts.
In the SEC’s case, a bad…