Hackers hacked the BNB Chain account on X and posted phishing links

Key points:

• The hacked X account with 4 million followers posted phishing links disguised as Wallet Connect and the BSC rewards program.
• CZ urged users to ignore suspicious posts and check domains, even if they are from verified accounts.
• SlowMist linked the attack to the Inferno Drainer group.

The official account of the BNB Chain blockchain network, with nearly 4 million followers, was hacked. Hackers used the page to post phishing links disguised as legitimate services and BSC token giveaways.

Binance founder Changpeng Zhao confirmed the hack and warned subscribers about the risk. He asked users not to click on malicious links and emphasized that even posts from official accounts may contain spoofed domains.

source: x.com

Attackers’ tactics

SlowMist reports that the attackers used letter substitution in the domain to make it look real. This method is often used to deceive Wallet Connect users.

According to SlowMist, the malicious websites are linked to the Inferno Drainer group. It provides ready-made tools for phishing cryptocurrency wallets, allowing partners to deploy copies of popular services and steal victims’ funds.

source: x.com

One of the first posts from the hacked account offered users the chance to participate in the “BSC rewards program” and bonuses for connecting within 24 hours. In reality, the link redirected to a fake resource designed to steal private keys and assets.

BNB Chain confirmed the incident and said it was restoring access and removing phishing domains.

Experts note that the case is yet another reminder of how vulnerable the official accounts of crypto projects are. SlowMist emphasized that the leak raises questions about the cybersecurity methods of BNB Chain itself.

Phishing remains one of the most common types of attacks. According to analysts, tens of millions of dollars are lost annually due to fake websites and applications posing as popular services.

GetBlock AML Research

GetBlock AML Research recently conducted a detailed analysis of the problem of phishing attacks on X. The study revealed that attackers are widely distributing links to copies of trading platforms and cryptocurrency wallets. Users are motivated by “token airdrops” or “bonus programs.” In reality, connecting a wallet to such sites leads to the theft of all available cryptocurrency.

Why you shouldn’t follow the links on X: real phishing cases

Phishing links on X have become a frequent and widespread phenomenon because many users of the social network can’t identify malicious content

Read more

Experts recommend that users always double-check website addresses and avoid clicking on links from social media, even if they come from official accounts.