BNB Chain recovers X account after phishing hack drains $13K
The official X account of the BNB Chain blockchain network, which was compromised early Wednesday, has now been recovered. Binance’s co-founder Changpeng Zhao confirmed that the hacker made away with $13,000.
In a statement posted on X at around 08:26 AM UTC, the BNB Chain team said the attacker used the compromised account to post ten phishing links. The malicious links tricked users into connecting their wallets and signing off on fraudulent transactions.
Update on Account Security Incident
We’re back! The team has regained full access of the @BNBCHAIN account.
The root cause of this breach is still under active investigation and we will share the updates as soon as we can. The estimated damage is $8K and the victims will be…
— BNB Chain (@BNBCHAIN) October 1, 2025
At the time of its update, the team revealed that investigations were ongoing, and the total amount stolen from several blockchains reached around $8,000. The largest single victim suffered losses of $6,500 after interacting with one of the links.
The attacker also deployed one phishing contract address, injecting $17,800 before cashing out all of his meme tokens for $22,000. CZ, the former Binance chief executive, confirmed the attack had been neutralized, but not before the exploiter caused the chain an estimated loss of $13,000.
“Hacker went through all this trouble, plus criminal liability. He could have made more by building. Victims will be compensated in full,” Zhao wrote on X.
CZ, Binance Chain, thank community vigilance for quick recovery
BNB Chain has thanked the community for spreading word of the exploit, saying alerts from users helped limit the impact of the hack.
“A massive thank you to our community and partners for spreading the word quickly, staying vigilant and supportive throughout this incident,” the statement read.
Following his earlier post on the account’s restoration, Zhao also noted that the community “mocked” the hacker after they tried to sell meme tokens.
“Interestingly, after the hacker dumped ALL his tokens for a $4k gain, the community took over and bought the meme coin higher, as a mock at the hacker. Funniest comeback by the community,” he remarked.
According to security platform SlowMist, the hacker used a well-known phishing technique that swaps similar-looking characters in website domains. SlowMist’s chief information security officer explained that the fake website changed the letter “i” to “l” in order to appear legitimate.
“BNB Chain’s English official X account has been hacked! The phishing website changed the letter i into l,” the chief security officer posted, adding that the malicious domain could be connected to the Inferno phishing group.
BNBchain英文官推被盗!
恶意钓鱼网站 把字母 i 换成 l ,恶意域名 bnbchalns[.]com 属于 inferno 钓鱼团伙
🤣别交互! @cz_binance 币安链团队的安全意识不应该这么差啊🤔 https://t.co/92pIg76xGP pic.twitter.com/CYnVRHEfri— 23pds (山哥) (@im23pds) October 1, 2025
The Inferno Drainer is a wallet-draining service that surfaced in 2022, operating as a phishing-as-a-service platform with ready-made templates that mimic legitimate crypto platforms. Affiliates use these templates to lure victims into connecting their wallets, after which funds are drained almost instantly.
Crypto hackers swindle $306 million in Q3
The breach of BNB Chain’s X account comes during a year of frequent mid-sized crypto hacks, and one massive exploit that saw Bybit lose over $1 billion. According to Finbold’s Q3 2025 Cryptocurrency Market Report in conjunction with SlowMist, the crypto market lost $306.7 million in hacks during the third quarter alone.
Unlike the first quarter, when a $1.5 billion Bybit incident was the headline, the third quarter was characterized by a cluster of smaller but damaging breaches. The largest was the $54 million theft from Turkish exchange BtcTurk, where details of the attack are still unknown.
Other incidents included $44.2 million stolen from CoinDCX due to a security flaw, $42 million drained from GMX via a reentrancy exploit, $41.5 million lost at SwissBorg because of a third-party vulnerability, and $27 million stolen from BigONE in a supply chain attack.
Data from blockchain security firm CertiK showed that in the month of September, platforms lost $155.9 million. Of this amount, $26.4 million came directly from phishing attacks, alongside 14 exploits each resulting in losses of at least $1 million.
Don’t just read crypto news. Understand it. Subscribe to our newsletter. It's free.
Recommended Articles
