Account compromised
BNB Chain has regained control of its official X account following a security breach that saw the account used to post phishing links.
The breach prompted an immediate warning from Binance co-founder Changpeng “CZ” Zhao, who urged users not to click any recent links from the account.
Phishing attempt details
The unauthorized posts falsely promoted voting on an “upcoming $BSC rewards date,” claiming participants could receive early $BSC rewards within 24 hours. Phishing campaigns like this are designed to trick users into revealing sensitive information or transferring funds.
ALERT 🚨: The @BNBCHAIN X account may have been compromised.
— CZ 🔶 BNB (@cz_binance) October 1, 2025
Please do not click on any links recently posted from this account.
The teams are investigating and will share updates as soon as possible. 🙏
Binance co-founder Changpeng "CZ" Zhao alerted everyone about this threat. Source.
The attacker deployed a single phishing contract and ten malicious links, resulting in a total loss of approximately $8,000 across all chains. Most of the stolen funds came from one user who lost $6,500.
Despite the breach, the fraudulent links were quickly contained.
The BNB Chain team confirmed via a tweet that they had “regained full access” to the compromised account.
The root cause of the breach remains under investigation.
Update on Account Security Incident
— BNB Chain (@BNBCHAIN) October 1, 2025
We’re back! The team has regained full access of the @BNBCHAIN account.
The root cause of this breach is still under active investigation and we will share the updates as soon as we can. The estimated damage is $8K and the victims will be…
The most recent BNB Chain statement on this incident. Source.
Wider context of crypto theft
While this incident involved a relatively small sum, crypto theft has surged in 2025.
Chainalysis reports that by the end of June, roughly $2.17 billion had been stolen through exploits, already surpassing the total losses for all of 2024 and exceeding 2022 figures by around 17%.
If current trends continue, total stolen funds could exceed $4 billion by year-end.
A recent incident involving Venus Protocol illustrates the same risks: the project returned $11.4 million to a user after a phishing attack exploiting a fake Zoom client. Venus Protocol quickly paused platform operations and executed a community-approved forced liquidation to recover the stolen funds. Both cases show how phishing attacks are becoming increasingly sophisticated, targeting both high-profile platforms and individual users.
Prompt containment and transparency by the team helped limit losses, but these events conclude the importance of robust security measures, rapid incident response, and ongoing vigilance to protect user funds and maintain trust in decentralized networks.
Oleksii Shumak
Disclaimer: All materials on this site are for informational purposes only. None of the material should be interpreted as investment advice. Please note that despite the nature of much of the material created and hosted on this website, HODL FM is not a financial reference resource, and the opinions of authors and other contributors are their own and should not be taken as financial advice. If you require advice. HODL FM strongly recommends contacting a qualified industry professional.
