Anonymizing BTC is a lot easier than hiding from the SEC. There are that many people holding massive amounts of short-term TSLA options (enough to make >$500k on a single day movement) that the SEC can't look at each of them.
I highly doubt that the SEC wouldn't put the required resources into this. After all, this would've caused tens of millions in damages, rather than the mediocre 100k$.
Also, you could filter for new traders and traders overly invested in TSLA. Giving the rather mediocre execution (i.e. single Bitcoin address), I doubt the attacker had a lot of time and capital upfront to hide in these masses.
Lastly, stock market transactions can be paused and are reversible - there's a good chance of a circuit breaker hitting or a reversal happening with that blatant market manipulation.
> the SEC wouldn't put the required resources into this
Keep in mind that a lot of the SEC's enforcement breadth comes from brokers' compliance departments. Any time anyone makes an unusual profit around corporate actions, the SEC basically requires a thorough investigation by the broker's compliance staff.
Also, getting away with an event like that hurts confidence in the stock market as a whole. It's not not purely about immediate damages to people in the market, it's also about how willing people are to participate in the future. A fraction of a percent of less people participating or slowing activity likely amount to many multiples of the damages from this event.
The SEC would be extremely motivated to find these people to make an example of them so others think twice in the future.
When Musk posted a tweet 'joking' about taking Tesla private, which was utterly trivial to investigate, the SEC only managed to deliver a slap on the wrist.
Not sure I agree they'd have investigated thousands of people.
>When Musk posted a tweet 'joking' about taking Tesla private, which was utterly trivial to investigate, the SEC only managed to deliver a slap on the wrist.
Because prosecuting Elon Musk requires going up against top tier defense lawyers and proving things like "Musk tweeted this with the intention of impacting his stock's value" or something.
With hackers, you can use the financial stuff to target the hackers, and then either (a) prove the computer crimes or (b) use the computer crimes and the surrounding stock sales to prove intent. You also don't have to go up against a legal defense better funded than some militaries.
Musk is in one class of people, people who for the most part are completely beyond consequences for things like financial crimes, fraud, or even causing mass death (as in the case of the Sacklers and the opioid crisis).
You and I and yesterday's Twitter hacker are not in this class.
The SEC can look at each of them.
Compliance and suspicious trading activity mechanisms put in place by financial actors are very sophisticate.
Analyze millions of trades and make reports out of it is not a big deal. I wouldn't be surprised if SEC is already analyzing trades related to stocks impacted by this hack.
