It Wasn't a Draft Tweet: SEC Taps FBI to Investigate Fake Bitcoin ETF Post

Speculators had previously guessed the fake post, which rattled markets yesterday, was a real SEC tweet that was published prematurely.

Jan 10, 2024

3 min read

Twitter (now known as X) is prone to hacks resulting from SIM swaps. Image: Shutterstock

The hacker who compromised the Securities and Exchange Commission (SEC) Twitter account yesterday posted content that was never drafted by the Commission, the federal agency said Wednesday.

In a statement shared with Decrypt, an SEC spokesperson said that no elements of the Twitter post made Tuesday afternoon by a hacker who gained access to the SEC’s account—which announced the approval of all 11 pending spot Bitcoin ETF applications—were created internally at the agency.

The spokesperson said the agency is now cooperating with the FBI to investigate the hack and track down its perpetrator.

The development deflates several theories circulating in the aftermath of yesterday’s events, namely the one which speculated that a hacker infiltrated the SEC’s Twitter account, discovered a scheduled Tweet announcing the Bitcoin ETF approvals, and published it prematurely.

My guess is that the SEC account was both hacked AND that the tweet was real.

Hacker first tweeted and then deleted just a ticker.

Then likely found the tweet with the announcement graphic and Gensler quote in the draft folder.

SEC wouldn’t get date wrong, and tweet only… pic.twitter.com/RQp7Mo4Zey

— Adam Cochran (adamscochran.eth) (@adamscochran) January 9, 2024

It also highlights the sophistication of the hack. The phony Bitcoin ETF approval post included a graphic featuring an inlaid quote purportedly from SEC Chairman Gary Gensler, commenting on the significance of the agency’s announcement.

“Today’s approval enhances market transparency and provides investors with efficient access to digital asset investments within a regulated framework,” the hacker, posing as Gensler, wrote.

The language was apparently so closely tailored to Gensler’s typical way of speaking that even senior ETF analysts maintained—after the hack was revealed—that the post was likely really from the SEC, but merely published a day too early.

Honestly... that quote was so perfectly genslish and the wording of that tweet is exactly how you'd expect it to be worded from the SEC. That was either a tweet sitting in drafts or someone is good at mimicking SEC language.

— James Seyffart (@JSeyff) January 9, 2024

In the hours following the hack, Twitter’s Safety team confirmed that the SEC’s account was hacked, but not due to any flaws in the platform’s design; the company said that the SEC did not enable two-factor authentication for its Twitter account. A hacker was therefore able to infiltrate the account by merely obtaining control over a phone number associated with it.

In the minutes following the revelation that the SEC’s spot Bitcoin ETF approval post was a hoax, Bitcoin’s price plunged. Lawmakers have since demanded an explanation for how the market-shifting hack was able to succeed.

Despite all the hullabaloo, analysts still anticipate that the SEC will begin approving spot Bitcoin ETF applications on schedule, beginning this afternoon.

It Wasn't a Draft Tweet: SEC Taps FBI to Investigate Fake Bitcoin ETF Post

Speculators had previously guessed the fake post, which rattled markets yesterday, was a real SEC tweet that was published prematurely.

Decrypt’s Art, Fashion, and Entertainment Hub.

Stay on top of crypto news, get daily updates in your inbox.

Coin Prices