Key Takeaways:
- BNB Chain’s official X account, with over 3.8 million followers, was compromised to spread phishing links disguised as airdrops.
- Binance founder Changpeng Zhao (CZ) issued multiple urgent warnings: “Do NOT connect your wallet.”
- Binance security teams are coordinating with X to suspend the account, remove phishing sites, and restore access.
The crypto industry is once again facing a stark reminder of how centralized social media platforms can be weaponized by attackers. A hack on BNB Chain’s official X account exposed millions of followers to phishing schemes, triggering an immediate response from Binance founder Changpeng Zhao.
Read More: CZ Fires Back at Bloomberg’s “Hit Piece” on Trump-Linked Stablecoin, Lawsuit on the Table?
Hackers Exploit BNB Chain’s Official Account
The official BNB Chain X handle, one of the most-followed blockchain accounts globally, was hijacked to post fraudulent content. Attackers published multiple posts promoting fake “BNB HODLer Airdrops”, directing users to phishing websites designed to trick them into using WalletConnect.
The links were soon of interest to security researchers who labeled them as such. The phishing sites had been established to collect wallet credentials, which gave hackers an opportunity to empty the money of users. The attackers reached as many people as possible and as far as possible by attacking an account that was then followed by millions of people and was credible.
This tactic is not new. Such exploits have been witnessed by users of cryptocurrencies who were targeted by hackers posing as reputable brands and influencers on social sites. This time it is the scale: almost four million followers provided BNB Chain account hackers with a huge pool of potential victims.
CZ Responds With Back-to-Back Warnings
“Do NOT connect your wallet”
Shortly after the breach, CZ issued two separate warnings from his personal account. His first alert suggested the account “may have been compromised” and urged users to avoid clicking recent posts. Minutes later, he confirmed the hack and emphasized the phishing threat directly:
“The @BNBCHAIN X account is compromised… Do NOT connect your wallet. Security teams are working to suspend the account and take down all phishing sites. Always check the domains carefully, even from official handles. Stay SAFU!”
The phrase “Stay SAFU” has long been a Binance community slogan for security awareness. Here, CZ used it to reinforce caution, even when posts appear on verified accounts.
Security Teams Take Emergency Measures
As per CZ, cybersecurity departments of Binance are working with X internal teams to curb the incident. Their priority: suspending the account by stopping phishing activities. The second thing is to restore access of administrators to the team of BNB Chain.
In the meantime, Binance has submitted takedown requests to prevent the phishing sites being distributed by the attackers. However, security observers caution that this is usually a game of “whack-a-mole” because phishing criminals switch to other domains very quickly once the previous ones are taken down.
This event demonstrates the vulnerability of the centralized channels of communication. Despite the idea of community in the Web3 that is centered on decentralization, in practice, most crypto-related projects use centralized systems like X to receive real-time updates. This dependency forms single points of failure that hackers are keen to use.
The Wider Impact on the Crypto Community
This is not the only case of compromising the account of BNB Chain. Over the past few years, scammers have hacked the accounts of high-profile projects and influencers and even government agencies to promote their scams. Such attacks cost users, overall, hundreds of millions of dollars.
BNB Chain stands out in particular due to its extensive use as a decentralized application, NFTs, and DeFi protocol. False announcements made on an official channel can have devastating impacts with millions of developers and users depending on the announcements made by the network.
Read More: Franklin Templeton’s $732M Benji Platform Now Live on BNB Chain
To the users, the incident is yet another wake call:
- Never trust single-source announcements: cross-check information on multiple verified platforms.
- Be skeptical of airdrops and rewards that ask for wallet connections.
- Bookmark official domains and verify links before signing transactions.
How much money has been lost by this particular cyber-attack is unknown but the reputational risks of this attack are immense. In crypto, trust is currency. The official accounts are the channels of communication which are believed to be reliable. Once they are destroyed, it not only incites doubt in the user in a single project but also the industry as a whole.