In a short update posted from the BNB Chain account, the team wrote, “We’re back! The team has regained full access of the BNB Chain account,” and added that the root cause of the breach was still being investigated. The post also confirmed that the estimated damage was $8,000 and that “the victims will be compensated fully.”
Security researchers filled in more of the picture. BNB Chain said attackers published ten phishing links that tricked users into connecting wallets, and that the single largest victim lost about $6,500. Investigators also flagged one malicious smart contract that the attacker deployed.
According to on-chain tracing reported by multiple outlets, the attacker initially injected around 17,800 tokens into that contract and later exited, swapping the meme tokens for roughly $22,000. That sequence left the attacker with a profit on their own dump, while users who connected their wallets lost funds spread across several chains.
SlowMist and other security shops quickly weighed in, linking the phishing domains used in the posts to the notorious “Inferno” drainer/affiliated phishing infrastructure, a piece of malware-as-a-service that has been used in several wallet-draining campaigns.
SlowMist’s public warnings focused on subtle domain spoofing (for example, substituting similar letters) and urged users not to sign transactions or connect wallets to sites linked from the compromised account. BNB Chain and Binance personnel also urged followers to double-check domains and avoid interacting with any suspicious links.
While BNB Chain’s statement emphasized $8,000 in user losses, some reports that followed the on-chain activity estimated the attacker’s total movements at closer to $13,000 when you include the tokens the attacker handled personally. In plain terms, the attacker’s own on-chain swaps and the amounts taken from victims don’t always map one-to-one, but the project’s priority now is reimbursing affected users and hardening account security.
Market Reaction
The market reaction to the breach was muted. BNB (the native token of BNB Chain) traded roughly around the $1,000 mark through the episode, bouncing in a narrow band and showing only minor intraday volatility, an indication that traders saw the incident as a reputational and social-media security failure rather than a threat to the chain’s fundamentals. Real-time price feeds placed BNB just above $1,000 at the time of reporting.
What makes incidents like this notable is how quickly social engineering can translate into real losses. The attack relied not on a protocol exploit but on trust: a verified account with millions of followers, briefly controlled by an attacker, was used as a megaphone to amplify phishing sites.
BNB Chain thanked the community and security partners for rapid reporting and said it would continue to prioritize transparency as investigations proceed and reimbursements are processed. The team also pledged to release further updates as they complete their internal review.
For users, the takeaway is familiar but worth repeating: treat signed transactions and WalletConnect prompts with extreme caution, confirm domains (letter swaps and lookalikes are a common trick), and move funds to secure custody if you suspect exposure. BNB Chain’s promise of full compensation will be closely watched. Projects that follow through on reimbursements help rebuild user trust, but the industry’s broader challenge remains preventing social-media takeovers before they can be weaponized.
Go to Source
Author: NixCoin