Unsafe X, injured cryptocurrency

Author: Meteor, Editor: Marco
Cryptocurrency is once again jumping up and down due to a false message.
The SEC's official Twitter account posted a message early this morning, claiming that the BTC spot ETF has been approved and will soon be available for trading.

After this message was released, BTC surged close to $48,000, but the SEC quickly deleted the tweet. Subsequently, SEC Chairman Gary Gensler tweeted that the SEC's official account had been hacked, and the earlier announcement about the BTC spot ETF approval was false; no BTC spot ETF has been approved yet.

Following this announcement, BTC understandably fell back to around $45,000, with fluctuations exceeding $2,000. According to Coinglass data, as of the time of writing, nearly $133 million in liquidations occurred across the network in the past 12 hours, with both long and short positions being liquidated, largely due to the two "contradictory" tweets from the SEC's official account and Gensler.

1. SEC Claims Official Account Was Hacked

After the incident, the X (Twitter) security team tweeted from the Safety account, confirming that the SEC's official account SECGov had been hacked. Preliminary investigations indicate that this breach was not due to a vulnerability in X's system, but rather because an unidentified individual controlled the phone number associated with the SEC account through a third party.
In fact, the explanation provided by Safety seems rather perfunctory; it is hard to evaluate whether the SEC incident was truly a hack or due to other reasons, especially since a national regulatory agency's phone number could be compromised and, importantly, did not have 2FA enabled. As a regulatory body that can influence the direction of cryptocurrency, the SEC's mistake in this instance is inexcusable. To some extent, this error can be seen as an indirect manipulation of BTC prices, and there have indeed been previous instances where a Cointelegraph intern's false message caused significant fluctuations in BTC.
According to Bloomberg senior ETF analyst Eric Balchunas, the false tweet announcing the approval of the BTC spot ETF may have been a planned tweet that was mistakenly input with the wrong date; if it had been published at this time tomorrow, it would have been very significant. Balchunas noted that the language style of the tweet appeared to be standard SEC style, rather than a casual crypto prank.
However, the incident has occurred, and blaming the SEC or X is no longer important; what matters more is that we should pay greater attention to security issues related to cryptocurrency on X. For those who have been active on X for a long time, incidents of insecurity regarding crypto assets on the platform are not uncommon.

2. Cryptocurrency Mocked by False Information on X

Fake accounts, fake links, hacks, and stolen wallet accounts are common occurrences on the X platform, although many incidents do not have as wide an impact as the SEC's this time.
ChainCatcher has compiled a list of recent major security incidents involving cryptocurrency on X:
The most recent notable scam on the X platform involved crypto KOL 0xWizard being impersonated by a Cointelegraph reporter who privately messaged him, claiming to want to interview 0xWizard and report on Cointelegraph. They then posted a fake link, and upon clicking it, the scammer gained access to his X authorization, subsequently using the 0xWizard account to post a mint link for Arbitrum inscriptions, which would empty users' wallets upon clicking.

Similarly, crypto KOL 币圈慈善家 was recently attracted by a fake NFT mint link on the Arbitrum chain by the Bitfrog team, and after connecting their wallet to mint, they found that the mint interface failed to connect, resulting in the theft of wallet assets.
In addition to KOLs, project and institutional X accounts have also been hacked. On January 5, CertiK's X account was hacked and posted false information claiming that the Uniswap router contract was vulnerable to reentrancy attacks, along with a RevokeCash link (a phishing link).
On January 6, the official account of the NFT lending protocol Sharky on Solana was hacked and posted a phishing link.

Moreover, many project official accounts also have similar phishing links appearing in the comments, leading to X accounts being hacked, wallet authorizations being compromised, or wallet assets being stolen. This often occurs in the comment sections of official project tweets announcing recent major events, such as the recent meme coin LFG on Solana and the Bakerswap IDO project Bitcoin Cats, where many phishing links can be found in the comments of related tweets. There are even cases where users have suffered asset losses due to mistakenly clicking on these links.

3. How to Avoid Scams?

Scam links and accounts related to cryptocurrency are everywhere on X, but the crypto industry still relies on this platform. As participants, we can only enhance our anti-scam measures to avoid asset leakage or being influenced by false information.
ChainCatcher has collected some tips to prevent scams:
For X accounts, if your account follows many individuals in the crypto industry, when it comes to new projects or accounts claiming to be related to certain projects, do not only look at the number of followers or whether the avatar matches; also check if the crypto individuals you follow are also following these accounts and content.
Secondly, pay attention to distinguishing the authenticity of handles, such as handle suffixes and the differences in certain uppercase and lowercase letters, like the lowercase l (L) and uppercase I (i), or the number 0 and the letter o. Be sure to scrutinize every punctuation and letter in the handle.
Additionally, the founder of SlowMist, 余弦, suggests regularly clicking "Settings > Security and Account Access > Apps and Sessions" to delete any suspicious app connections or sessions.
Some websites require X account authorization; Yu Xian has previously revealed a scam involving a private message from an X account, where certain Calendly-related links, when clicked, allow scammers to gain access to the user's Twitter authorization and use it to post phishing information. For example, some may impersonate well-known "media reporters," "project parties," or "investors," using tactics that can easily lead people to lose their rationality.
For certain links, always check the authenticity of the posting account and whether the content matches. For instance, if there is a link about claiming an airdrop, be cautious and do not click to authorize your wallet without verifying.
If a major project announces an airdrop, most well-known media outlets will report on the airdrop-related information almost simultaneously. For smaller projects, check the official project account for any announcements. For links related to other new projects, if they are very early-stage projects and the related information is hard to verify, consider creating a new wallet to click the link and experience the project, rather than using a wallet with significant assets to click links indiscriminately. Be sure to carefully identify the information that pops up from the wallet, whether it is for login, transfer, or signature authorization.
At the same time, regularly visit the revoke website to revoke authorizations for certain websites to enhance wallet security. You can also click the upper right corner in the MetaMask wallet, select connected sites, and revoke connections to certain websites.
As the bull market approaches, everyone will likely spend more time active on Twitter. It is crucial to carefully distinguish the authenticity of accounts, information, and links on Twitter, and we hope everyone pays more attention to crypto security issues on Twitter, avoiding traps and ensuring that their crypto assets do not become casualties of cryptocurrency.