BNB Chain’s X account was hacked as CZ issued a phishing warning

On October 1, 2025, the official X account of Chain, which had almost four million followers, was hacked, leaving the cryptocurrency community in shock. Hackers rapidly took control, turning the trusted voice of the platforms into a means to deceive people.

 During the event, hackers posted several fake messages with phishing links in them to trick people into connecting their cryptocurrency wallets. This bold takeover not only highlighted the vulnerability of social media security for initiatives but it also underscored the potential dangers of decentralized funds.

The attack occurred rapidly, and the hacked account sent out numerous urgent-sounding messages that appeared to be genuine interactions. Hackers tricked people into connecting through viewmingly harmless links, unaware that they were actually tools for money theft. The damage had already begun to accumulate by the time notifications begined going out, although it was still relatively small compared to other high-profile hacks.

CZ’s Quick Response

, the founder of Binance and a strong supporter of blockchain security, comes into the picture. CZ didn’t waste any time dealing with the matter; he went to his own X account to give a clear warning. The hacker posted numerous links to phishing sites that require Wallet Connect to access.

He stressed the imminent danger and told people not to connect their wallets. His message pierced through the chaos and reached millions of people, possibly stopping a lot of damage from happening.

Zhao didn’t just stop at the alert. He said that BNB Chain’s security teams rapidly told X’s platform moderators and were working together to suspend and restore accounts. People rapidly submitted petitions to take down the phishing sites that were causing difficultys. 

reaffirmed a timeless mantra: Always examine the domains cautiously, even from official X handles. This was in line with their goal of proactively educating users. Stay secure! This serves as a reminder that exercising caution is the most effective approach to secureguard yourself in an environment rife with fraudulent activities.

Inside the Phishing Attack

The breach was caused by a phishing scheme that was both complex and well-known, and security experts think it was the work of the infamous Inferno organization. This group has gained recognition for its phishing-as-a-service concept since its introduction in 2022. It utilizes pre-made kits that resemble trusted interfaces. 

In this example, the attackers employed a subtle domain spoofing method that replaced the letter “i” with “l” in URLs to evade detection. Ten of these links were sent out, resulting in losses of over $8,000 for diverse networks. This number may have grown even more if action hadn’t been taken rapidly.

Security expert from sluggishMist called out the strategy ahead, calling it a classic ploy and connecting it to Infernos’ arsenal. The Inferno Drainer is a tool that steals money from wallets and allows affiliates to conduct attacks with no technical knowledge. This instance illustrates how easily people can commit cybercrimes in the cryptocurrency world.

The was just as strong as the teams’ recovery efforts and community fallout. The crew regained control of the account by 8:26 AM UTC. They deleted the poor posts and brought back the excellent ones.

A spokeswoman for the team said in a message to the community, “We are working closely with our security partners to find out what happened and will share confirmed details as soon as they are available.” They promised to fully reimburse all affected users, which was a way to reestablish trust.

There was, however, some criticism. 23pds blasted the team’s security stance, saying, “The BNB Chain team’s security awareness shouldn’t be this low.” The event sparked a broader discussion on X, with users offering advice on answers for two-factor authentication and domain verification.