Brother
Professional
Everyone can learn from this revealing attack on the SEC.
The US Securities and Exchange Commission (SEC) has confirmed that its X social network account was hacked. The security breach, which occurred earlier in January, was carried out through a SIM swapping attack, while the account was not protected by multi-factor authentication (MFA).
An internal investigation revealed that unauthorized access to the phone number linked to the SEC account was obtained through the agency's telecom operator by SIM swapping. The attack involves gaining control of a cell phone number by convincing the mobile operator to transfer the number to a SIM card controlled by the attacker. Once an attacker gains control of the victim's phone number, they can use that phone number to reset the passwords of accounts belonging to the victim.
After gaining control of the number linked to the SEC account, the attacker reset the SEC password on the X network, gaining access to the account. Law enforcement agencies are currently investigating how the cybercriminal managed to convince the operator to change the SIM card for the account and how he found out which phone number was linked to the account.
After the investigation began, the SEC said that at the moment the agency has no evidence that the attacker gained access to systems, data, devices or other SEC accounts on social networks.
The statement also confirmed X's initial public comments that multi-factor authentication had been disabled on the SEC account. The agency said that it was "disabled by X support at the request of employees in July 2023 due to problems with access to the account." The SEC said it has now enabled multi-factor authentication for all of its social media accounts, where possible.
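As an added illustration (not code from the SEC, X, or the post's author), the model below contrasts the recovery flow the post describes, where a code delivered to the account's phone number is enough to set a new password and MFA is off, with a hardened flow in which a registered second factor, not control of the phone number, authorizes a reset. It also includes a small audit that flags the two conditions the post names. Account handles, the phone number and the device id are constructed placeholders.

```python
"""Model of the account-recovery weakness described in the post (SMS-based
reset on an account with MFA disabled) beside a hardened flow, plus an audit
of an account inventory. Added example; all records are constructed."""

from dataclasses import dataclass, field


@dataclass
class Account:
    handle: str
    password: str
    recovery_phone: str                       # number that receives reset codes
    mfa_enabled: bool = False
    mfa_devices: set = field(default_factory=set)   # registered app/hardware factors


class Telco:
    """Maps phone numbers to whoever holds the SIM the number is bound to.
    A SIM swap is simply a rebinding of the number to a different holder."""

    def __init__(self):
        self.sim_owner = {}

    def deliver_sms(self, number):
        """Return the party that would receive a code sent to this number."""
        return self.sim_owner.get(number)


def sms_only_reset(account, telco, requester, new_password):
    """Weak flow: whoever receives the SMS code may set a new password.
    Control of the phone number is the only thing checked."""
    if telco.deliver_sms(account.recovery_phone) != requester:
        return False
    account.password = new_password
    return True


def hardened_reset(account, telco, requester, new_password, presented_device=None):
    """Hardened flow: a reset requires a registered second factor. The phone
    number is never sufficient on its own, and an account with MFA disabled
    cannot be reset through self-service at all."""
    if not account.mfa_enabled or not account.mfa_devices:
        return False                      # route to manual, identity-verified recovery
    if presented_device not in account.mfa_devices:
        return False
    account.password = new_password
    return True


def audit(accounts):
    """Flag the two conditions the post names: MFA off, and a phone number
    that is the sole factor standing between a caller and a password reset."""
    findings = []
    for a in accounts:
        if not a.mfa_enabled:
            findings.append((a.handle, "MFA disabled"))
        if a.recovery_phone and not a.mfa_devices:
            findings.append((a.handle, "phone number is sole recovery factor"))
    return findings


def demo():
    """Walk both flows through the scenario from the post; returns outcomes."""
    telco = Telco()
    telco.sim_owner["+1-555-0100"] = "account_holder"          # constructed number
    weak = Account("agency_weak", "pw", "+1-555-0100")         # MFA off, as in the post
    strong = Account("agency_strong", "pw", "+1-555-0100",
                     mfa_enabled=True, mfa_devices={"hw-key-1"})  # constructed device id
    # The number is rebound to a SIM the legitimate holder does not control.
    telco.sim_owner["+1-555-0100"] = "third_party"
    return {
        "weak_reset_by_third_party": sms_only_reset(weak, telco, "third_party", "new"),
        "hardened_reset_by_third_party": hardened_reset(strong, telco, "third_party", "new"),
        "hardened_reset_by_holder": hardened_reset(
            strong, telco, "account_holder", "new", presented_device="hw-key-1"),
        "audit": audit([weak, strong]),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The point of the hardened flow is that a rebound phone number changes nothing: the party now receiving SMS has no registered factor, while the real holder can still recover with the hardware key. The audit is the check an owner of many social accounts would run against an inventory; the weak account trips both findings, the hardened one neither.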