A new political storm is brewing in Washington. House Republicans have announced they are probing the mysterious deletion of text messages from former SEC Chair Gary Gensler, raising fresh concerns about transparency at the regulator during his tenure between 2021 and 2025.

In a letter sent Tuesday to current SEC Chair Paul Atkins, House Financial Services Committee Chairman French Hill said lawmakers are engaging with the agency’s Office of Inspector General (OIG) after its September findings revealed that Gensler’s texts — including those linked to enforcement actions against crypto companies — were lost.

ALSO READ : Aptos strikes surprise deal with Trump family’s World Liberty Finance to launch USD1 stablecoin… here’s what it means

“The Committee is engaging with the OIG to learn more about their report, seek clarity on outstanding questions, and discuss additional areas that require further oversight and investigation,” Hill wrote.

Deleted texts linked to crypto enforcement

The OIG report found that some of the deleted communications were directly tied to SEC enforcement actions against crypto firms and their founders. This revelation has intensified criticism from the digital asset industry, which has long accused Gensler of leading a “war on crypto” under the Biden administration.

Critics allege that the SEC under Gensler pressured banks to restrict services to crypto businesses and launched a barrage of lawsuits against firms like Ripple, Coinbase, and other blockchain players. Many industry leaders argue this approach stifled innovation in the U.S., pushing talent and capital offshore.

Republicans accuse Gensler of double standards

The House Republicans’ letter, co-signed by Ann Wagner, Dan Meuser, and Bryan Steil, accused Gensler of hypocrisy. They noted that under his leadership, the SEC fined several Wall Street firms more than $400 million in 2023 for record-keeping failures — while his own agency suffered from what the OIG described as “poor change management, lack of proper backup devices, ignored system alerts, and unaddressed vendor software flaws.”

The missing texts, Republicans argue, could mean that the public may never know the full context of how and when the SEC decided to pursue certain high-profile cases.

Security failures added to the controversy

This is not the first time the SEC’s internal practices have come under fire. In January 2024, the agency’s official X account was hacked and falsely announced the approval of a spot Bitcoin ETF, triggering market chaos. Later, X confirmed the SEC did not have two-factor authentication enabled at the time — a basic security measure widely expected of government institutions.

For lawmakers already skeptical of Gensler’s leadership, the combination of poor cybersecurity and deleted communications paints a picture of an agency lacking in accountability.

A test for transparency and trust

The investigation underscores the larger battle in Washington over digital assets. For Republicans, probing Gensler’s actions is as much about accountability as it is about shaping future regulatory frameworks for crypto.

Industry voices say the controversy could help accelerate calls for clearer, pro-growth regulation in the U.S. “If the SEC can’t even keep its own house in order, how can it fairly regulate one of the fastest-growing industries in the world?” one blockchain lobbyist remarked.

As the probe unfolds, the unanswered questions remain: Were these deleted texts an innocent case of bad record management, or do they hint at deeper political maneuvering during Gensler’s time in office?

For now, one thing is certain — the clash over Gensler’s deleted texts ensures that the SEC’s role in crypto regulation will stay in the spotlight long after his departure.

The BNB Chain blockchain network, one of the largest ecosystems in the cryptocurrency world, faced a serious security breach on Wednesday after its official X account with nearly four million followers was hijacked by hackers. The attackers used the verified account to spread phishing links disguised as legitimate wallet connection prompts, tricking unsuspecting users into compromising their crypto holdings.

The incident quickly caught the attention of Changpeng “CZ” Zhao, founder of Binance, who confirmed the compromise on his personal X handle. “The hacker posted a bunch of links to phishing websites that ask for Wallet Connect. Do NOT connect your wallet,” CZ wrote, urging the crypto community to remain vigilant.

ALSO READ : Trump family linked American Bitcoin seals Nasdaq debut after merger with Gryphon shareholders say yes

Inferno Drainer suspected behind attack

According to SlowMist’s chief information security officer, known online as 23pds, the attack was linked to the infamous Inferno Drainer group. This group, which first emerged in 2022, is notorious for its “phishing-as-a-service” model, allowing affiliates to deploy pre-built fraudulent sites mimicking official crypto project interfaces.

In this case, the hackers used a subtle but effective trick — swapping the letter i with l in the phishing domain — a classic method to deceive users scanning URLs quickly. “BNB Chain’s English official X account has been hacked! The phishing website changed the letter i into l,” 23pds warned in his post.

The Inferno Drainer has already been linked to multiple wallet-draining scams across different blockchains, raising growing concerns about the security awareness of crypto projects, even those as large as BNB Chain.

Response from BNB Chain team

A BNB Chain spokesperson told Cointelegraph that their team is still investigating how the attackers gained access. “We are working closely with our security partners to identify the root cause and will share confirmed details as soon as they are available,” the spokesperson said.

By 8:26 am UTC, the team confirmed that it had regained control of its X account. A total of 10 phishing links had been posted during the breach, resulting in combined user losses of approximately $8,000 across chains. The team reassured the community that all affected users will be fully reimbursed.

CZ doubles down on security advice

CZ, who often reminds his followers about the importance of security, reiterated that users should never blindly trust posts from verified handles. “Always check the domains very carefully, even from official X handles. Stay SAFU!” he wrote, referencing the popular crypto slang for “Stay Safe.”

The breach has reignited discussions about the vulnerability of official crypto project accounts, which often serve as primary communication channels with millions of investors. Many experts argue that two-factor authentication and stricter access controls should be non-negotiable standards for such high-profile accounts.

A reminder for the crypto community

While the monetary damage in this case was relatively contained, the attack highlights just how easily even official accounts can be compromised. For new investors who may not scrutinize every domain, such scams can cause devastating losses.

The incident is a fresh reminder that phishing remains one of the biggest threats to digital assets. As the crypto industry continues to expand, so too do the tactics of bad actors. The onus now lies on both blockchain projects to secure their channels and on users to practice relentless caution.

As one industry analyst noted, “The moment you think you can’t be fooled is the moment you’re most vulnerable.”

The crypto community is once again on high alert. A new, advanced phishing campaign has surfaced that is hijacking the X accounts of crypto personalities, verified users, and even journalists — and it’s proving alarmingly difficult to detect.

ALSO READ : China opens Shanghai digital yuan hub to rival US dollar but here’s the bigger plan

Unlike traditional scams that rely on fake login pages or stolen credentials, this campaign abuses X’s own app authorization system, effectively bypassing both passwords and two-factor authentication (2FA).

Crypto developer Zak Cole was among the first to raise the alarm. In a post on Wednesday, he warned:

Zero detection. Active right now. Full account takeover.

Cole explained that the attack doesn’t look like a scam at first glance, making it one of the most credible and dangerous phishing campaigns targeting crypto users in recent memory.

How the phishing trick works

The attack begins with a direct message on X that appears to include a link from the official Google Calendar domain, thanks to how X’s link preview system displays metadata. In Cole’s case, the message seemed to come from a representative of Andreessen Horowitz, the Silicon Valley venture capital firm.

But in reality, the link directed users to “x(.)ca-lendar(.)com”, a fake domain registered just days earlier. Once clicked, users were redirected through a JavaScript script to an X authentication page asking them to grant permissions to an app disguised as “Calendar.”

At first glance, the app name seemed genuine. But on closer inspection, two Cyrillic characters were used in place of Latin letters, creating a near-perfect imitation. Once permissions were granted, the attackers gained full control of the victim’s X account — including the ability to post, delete, update settings, and follow or unfollow accounts

MetaMask researcher Ohm Shah confirmed seeing the attack “in the wild,” suggesting the campaign has already spread widely. Even an OnlyFans model was reportedly targeted by a less sophisticated version of the scam.

The subtle red flags

While difficult to detect, a few hints might save careful users. Cole noted that:

• The link briefly displayed the suspicious domain before redirecting.
• The authorization page requested extensive permissions, far beyond what a calendar app would reasonably need.
• Victims were redirected to Calendly.com at the end — an inconsistency that exposed the spoof.

As Cole quipped: “Calendly? They spoofed Google Calendar but redirect to Calendly? Major operational security failure.”

How to protect yourself

Cole shared a GitHub report advising users to immediately check their X connected apps page. If you see any application named “Calendar,” revoke its access right away.

He also criticized X’s lack of app vetting, pointing out that malicious apps can sneak into the system:

Apps should be checked before they’re listed and re-checked routinely so a legit app can’t be swapped for something malicious later.

He further urged that:

• The consent screen should show the real publisher and verified identity.
• Lookalike domains should be blocked.
• Any app requesting full account control must be manually reviewed.

A bigger warning for the crypto world

This isn’t just another phishing scam. By exploiting X’s own systems, attackers have created a new class of social engineering attack that is harder to detect, harder to block, and more damaging when successful.

With the crypto industry heavily dependent on X for communication, networking, and market updates, the stakes are higher than ever. Verified accounts hold immense influence, and a single compromised profile can mislead thousands of followers in seconds.

As Cole warned: “If you’re high risk, you need to assume every outreach is hostile, audit connected apps often, and watch your account activity for signs someone else is in the driver’s seat.”