Update, October 1, 2025, 10:11 AM UTC: This article has been updated to include comments from the BNB Chain team.
Binance founder Changpeng Zhao (CZ) confirmed the incident and warned fans not to interact with malicious posts containing phishing links. CZ wrote, "The hacker posted a bunch of phishing website links that require using Wallet Connect. Do not connect your wallet."
He added that the BNB Chain security team has notified the X platform and is working to suspend the account and restore access. CZ also stated that requests to take down these phishing websites have been submitted.
A member of the BNB Chain team told Cointelegraph that they are still investigating the specific method of the breach. "We are working closely with security partners to identify the root cause and will share details as soon as they are confirmed," the member said.
SlowMist's Chief Information Security Officer (using the account 23pds on X) stated that the attackers used a classic technique by swapping letters in the phishing domain to make it look like a legitimate website.
23pds posted a warning to users: "The official English X account of BNB Chain has been hacked! The phishing website changed the letter 'i' to 'l'." This security expert also mentioned that the malicious domain belongs to the notorious Inferno phishing organization.
Inferno Drainer is a crypto wallet draining software and phishing-as-a-service platform that emerged around 2022 and gained infamy in 2023. The platform allows its affiliates to deploy ready-made phishing websites that mimic the interfaces of legitimate crypto projects to carry out attacks.
This incident highlights the challenges of protecting official crypto project accounts from takeover. SlowMist's Chief Information Security Officer pointed out that this vulnerability also raises questions about the team's security practices.
23pds stated, "The security awareness of the BNB Chain team should not be so weak."
In a post on X, Changpeng Zhao (CZ) advised community members to always verify the domain name, even when links come from official or verified accounts. He wrote, "Even if it comes from an official X account, be very careful to check the domain name. Safety first, don't be easily fooled!"
At 8:26 AM UTC, the BNB Chain team announced that they have regained control of the account.
A member of the BNB Chain team told Cointelegraph that a total of 10 phishing links were posted, resulting in an estimated loss of about $8,000 across various chains. BNB Chain stated that all affected users will be fully compensated.
Related: Interview with SlowMist: A Guide to Avoiding Pitfalls for Web3 Startups
Original article: “BNB Chain Official X Account Hacked, CZ Warns of Phishing Links”
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
