Binance co-CEO Yi He turned the newest sufferer of a classy social media hack when cybercriminals took management of her WeChat account on December 9, 2025.
The attackers used her compromised profile to advertise a meme token known as MUBARA, making roughly $55,000 by means of a pump-and-dump scheme.
The hack occurred simply days after Yi He was promoted to co-CEO alongside Richard Teng throughout Binance Blockchain Week in Dubai. This timing gave the fraudulent posts additional credibility amongst crypto merchants who trusted her obvious endorsement.
How the Assault Labored
The hackers gained entry by means of an previous cellphone quantity that was beforehand linked to Yi He’s WeChat account. In China, telecom corporations sometimes reassign unused cellphone numbers to new prospects after simply three months. This follow created a safety hole that the attackers exploited.
“WeChat was deserted way back, and the cellphone quantity was seized to be used. It can’t be recovered at current,” Yi He defined in a translated post on X (previously Twitter).
Blockchain analytics agency Lookonchain tracked the scammers’ actions in actual time. The attackers created two new cryptocurrency wallets and spent 19,479 USDT to purchase 21.16 million MUBARA tokens earlier than posting the faux endorsements. As soon as Yi He’s followers began shopping for the token, its value spiked considerably and the market worth reached $Eight million.
Supply: @heyibinance
The scammers then rapidly bought 11.95 million tokens for 43,520 USDT whereas maintaining 9.21 million tokens price about $31,000. Their complete revenue reached roughly $55,000, in accordance with Lookonchain’s analysis.
Rising Sample of Crypto Govt Assaults
This incident follows a troubling development of hackers concentrating on outstanding cryptocurrency figures by means of conventional social media platforms. On November 30, Tron founder Justin Solar’s WeChat account was compromised utilizing comparable techniques.
Safety consultants observe that these assaults particularly goal “Web3 huge photographs” as a result of their endorsements carry important weight in crypto communities. A single put up from a revered government can drive tens of millions of {dollars} in buying and selling quantity inside minutes.
Changpeng Zhao, Binance’s founder, rapidly warned customers concerning the hack. “Don’t purchase meme cash from the hackers posts. Net 2 social media safety just isn’t that sturdy. Keep safu!” he posted on X.
Technical Vulnerabilities in WeChat Safety
SlowMist founder Yu Xuan, a number one blockchain safety skilled, defined how these WeChat takeovers occur. In line with his analysis, attackers solely must contact two “frequent contacts” on the goal’s buddy checklist to realize account entry. These contacts is likely to be individuals who had been by no means straight messaged however had been merely added as associates or met briefly in group chats.
“The barrier to assaults could be surprisingly low,” Yu Xuan famous in his safety evaluation. He warned that high-profile crypto customers who focus on buying and selling or pockets administration on WeChat face particularly excessive dangers.
The vulnerability is especially critical in China, the place WeChat serves as each a messaging app and cost platform with over 1 billion customers. Many cryptocurrency merchants in Asia use WeChat teams to share funding suggestions and coordinate trades, making faux endorsements particularly harmful.
Broader Safety Dangers for Crypto Trade
This hack highlights ongoing safety challenges going through the cryptocurrency business. Whereas blockchain expertise itself stays extremely safe, conventional social media platforms create new assault vectors for cybercriminals.
The incident additionally occurred throughout different safety challenges for Binance-related platforms. On October 1, hackers compromised BNB Chain’s official X account and posted phishing hyperlinks that resulted in $8,000 in consumer losses.
These assaults work as a result of they exploit belief relatively than technical vulnerabilities. When followers see posts from accounts they acknowledge, they typically act rapidly with out verifying the data by means of different sources.
Restoration and Prevention Measures
Binance labored with WeChat’s safety group to revive Yi He’s account entry. The corporate confirmed that the hack didn’t have an effect on any of Binance’s inside methods or consumer funds.
Safety consultants suggest a number of steps to stop comparable assaults:
-
Take away previous or unused contacts from social media accounts
-
Change passwords repeatedly, particularly for dormant accounts
-
Reply instantly to suspicious login alerts
-
Keep away from linking crucial accounts to cellphone numbers that is likely to be reassigned
For cryptocurrency customers, consultants stress the significance of verifying funding recommendation by means of a number of unbiased sources earlier than making buying and selling selections.
The $55,000 Wake-Up Name
The Yi He WeChat hack serves as a stark reminder that Web2 safety weaknesses proceed to threaten the crypto business. As digital property develop into extra mainstream, cybercriminals are discovering new methods to use the belief that customers place in social media platforms and public figures.
The $55,000 revenue from this single assault, whereas comparatively small in comparison with main crypto hacks, demonstrates how rapidly criminals can monetize compromised accounts. For the crypto neighborhood, this incident underscores the necessity for higher safety practices throughout all platforms, not simply blockchain networks themselves.
Sven Luiv Sven Luiv Read More
