Quick Breakdown
- Hackers compromised BNB Chain’s official X account, promoting fake BNB airdrops.
- CZ and the BNB Chain team confirmed the breach, warning users to avoid malicious links.
- Experts suggest the hack stemmed from human error or a “social-layer attack” rather than blockchain vulnerabilities.
BNB Chain’s official X account has been compromised, with hackers using the platform to promote fake airdrop campaigns. The incident has triggered widespread warnings from former Binance CEO Changpeng Zhao (CZ) and the BNB Chain team, urging users to avoid clicking on suspicious links.
Hack confirmed by CZ and BNB chain team
On October 1, CZ confirmed that the official BNB Chain X account had been taken over by an unidentified party. Hackers began pushing multiple posts promoting a “BNB HODLer airdrop,” directing users to a fraudulent website posing as bnbchain.org.
ALERT 🚨: The @BNBCHAIN X account is compromised.
The hacker posted a bunch of links to phishing websites that ask for Wallet Connect.
Do NOT connect your wallet.
Security teams have notified X already, working to suspend the account first, then restore access.
Also take-down… https://t.co/QeEnCCbFZe
— CZ 🔶 BNB (@cz_binance) October 1, 2025
“Security teams have notified X already, working to suspend the account first, then restore access. Also take-down requests to take down all phishing websites,”
CZ wrote. He warned users to double-check domains, even if they appear to come from verified X accounts.
BNB Chain’s Chinese-language account also verified the breach, stressing that the English account had been hacked and warning followers not to interact with any suspicious links.
Community raises concerns over security
The attack sparked debate within the crypto community over the security of verified X accounts. Despite BNB Chain’s “gold check mark,” hackers managed to infiltrate the account, raising questions about the platform’s ability to safeguard official channels.
“If a golden account can’t be secured, what’s the purpose of subscribing and paying that huge amount?”
one X user criticized.
Possible cause: human error or social-layer attack
Experts have weighed in on how the breach might have occurred. Ilan Rakhmanov, CEO of ChainGPT, suggested that a BNB Chain team member may have unknowingly granted posting permissions to a malicious third-party application.
Shanaka Anslem Perera, CEO of Pet Express Sri Lanka, described the breach as a “social-layer attack,” emphasizing that it was not the blockchain itself but the X account that was compromised. He advised the BNB team to freeze the account, revoke authenticator sessions, and publish a post-mortem for transparency.
As of 06:00 AM UTC, the phishing posts had been removed, but the team is still working on regaining control.
Meanwhile, BNB Chain validators submitted a proposal to halve gas fees and speed up block intervals, aiming to strengthen the network’s position as a leading venue for high-frequency trading and DeFi activity.
If you want to read more market analyses like this one, visit DeFi Planet and follow us on Twitter, LinkedIn, Facebook, Instagram, and CoinMarketCap Community.
“Take control of your crypto portfolio with MARKETS PRO, DeFi Planet’s suite of analytics tools.”
