The official X account of the BNB Chain blockchain network, boasting nearly four million followers, was hacked on Wednesday. Cybercriminals exploited the account to disseminate phishing links targeting cryptocurrency wallets.
Binance founder Changpeng “CZ” Zhao confirmed the breach, urging his followers not to engage with the malicious posts containing phishing links. “The hacker posted numerous links to phishing websites that request Wallet Connect. Do NOT connect your wallet,” CZ advised.
He noted that BNB Chain’s security teams have alerted X and are in the process of suspending the account and regaining access. Zhao mentioned that takedown requests for the phishing sites have already been initiated.
A member of the BNB Chain team informed Cointelegraph that their team is actively investigating and will provide more details soon.
Phishing links disguised as Wallet Connect prompts
SlowMist’s chief information security officer, known as 23pds on X, stated that the attackers utilized a common tactic, altering letters in the phishing domain to make it seem authentic.
“BNB Chain’s official English X account has been hacked! The phishing site changed the letter i into l,” 23pds shared, cautioning users not to fall for the trick. The security expert also suggested that the malicious domain is associated with the notorious Inferno phishing group.
The Inferno Drainer is a crypto wallet-draining tool and phishing-as-a-service platform that surfaced around 2022 and gained infamy in 2023. It enables its affiliates to launch ready-made phishing sites that mimic legitimate cryptocurrency project interfaces.
This incident underscores the difficulties in safeguarding official cryptocurrency project accounts from hacks. The SlowMist CISO remarked that the breach raises concerns about the team’s security measures.
“The BNB Chain team’s security awareness shouldn’t be this lacking,” 23pds commented.
Related: Protect your crypto: Rising ‘try my game’ Discord scam
CZ warns users to check domains carefully
In his X post, Zhao warned community members to meticulously check domains, even when links originate from official or verified social media accounts. “Always examine the domains carefully, even from official X accounts. Stay SAFU!” he emphasized.
As of now, the phishing posts are no longer visible, but it remains uncertain if any users connected their wallets or suffered financial losses.
Magazine: Avalanche partners with ETF giant, yuan stablecoin ‘fake news’: Asia Express
