The official X profile of BNB Chain, followed by nearly four million users, was taken over by hackers on Wednesday. The attackers used the account to promote phishing sites designed to steal funds from unsuspecting crypto holders.
Binance founder Changpeng “CZ” Zhao quickly confirmed the breach, cautioning the community not to interact with any links shared during the hack. “The posts contained fake Wallet Connect links. Do not connect your wallets,” Zhao emphasized.
According to CZ, BNB Chain’s security team immediately contacted X to have the account suspended and regain access. He also mentioned that takedown requests for the phishing sites were already submitted to relevant parties.
A spokesperson for BNB Chain added that the team is actively investigating the incident and will release updates as soon as more details become available.
Classic phishing tactic with altered domains
SlowMist’s chief security officer, known online as 23pds, explained that the attackers used a common strategy: slightly modifying characters in domain names to make the fake sites appear authentic.
“The English-language BNB Chain X account was hacked. The phishing site replaced the letter ‘i’ with ‘l,’” he revealed. He also linked the attack to the notorious Inferno group — a phishing-as-a-service operation notorious for wallet-draining schemes.
Inferno Drainer, which surfaced in 2022, allows affiliates to launch fake websites that look nearly identical to legitimate crypto projects. The service gained widespread attention in 2023 for its role in multiple large-scale scams.
The event highlights the growing difficulty crypto projects face in securing official accounts from hijacking attempts. 23pds noted that such a compromise raises questions about the security posture of the BNB Chain team itself.
“The level of security awareness here is concerning,” he commented.
CZ urges caution — even with verified accounts
Zhao used the incident to remind users to always verify web domains before interacting, regardless of whether links come from official or verified profiles. “Double-check the domains carefully, even if they’re posted on official accounts. Stay SAFU,” he warned.
As of now, the malicious posts appear to have been removed. However, it is still unclear if any users fell victim by connecting their wallets or suffered financial losses.
Download the FREE Bitcoin Mining eBook
Kickstart your mining journey with essential insights:
https://bitmernmining.com/landing-page-ebook-download/
For more news, find me on Twitter Giannis Andreou and subscribe to My channels Youtube and Rumble
What is your opinion on this particular topic? Leave us your comment below! We are always intere
