Assets
Crypto Deposit
Fiat Deposit
Convert
Transfer
Withdraw
My vouchers
Fund history
Dashboard
Account Security
Identity verification
API Management
Transaction Report
Log out
Register
BTCC / BTCC Square / Bravenewcoin /
Binance Co-CEO Yi He’s WeChat Hacked in $55,000 Crypto Scam—What It Reveals About Security

Binance Co-CEO Yi He’s WeChat Hacked in $55,000 Crypto Scam—What It Reveals About Security

Author:
Bravenewcoin
Published:
2025-12-10 19:00:18
13
3

Even the top brass aren't safe. A high-profile hack targets Binance leadership, exposing vulnerabilities where you'd least expect them.

The Breach That Shouldn't Have Happened

The digital wallets of crypto's elite are supposed to be fortresses. Multi-signature protocols, cold storage, the works. Yet this breach didn't target a blockchain—it went after a messaging app. It's a stark reminder: your security is only as strong as its weakest link, and sometimes that link is the software you use to chat.

The $55,000 Wake-Up Call

The sum itself is almost a footnote for an exchange processing billions. But the symbolism carries more weight than the dollar amount. It proves that social engineering and platform exploits can bypass even the most rigorous on-chain defenses. The industry preaches self-custody, but this incident shows the human element remains the critical attack vector.

A Pattern, Not an Anomaly

This isn't a one-off. It fits a growing pattern of attacks shifting from pure code exploitation to identity and communication channel compromise. Scammers aren't just writing smarter contracts; they're crafting better phishing messages and exploiting app permissions.

The Ironic Trust Paradox

Here's the cynical finance jab: an industry built on 'don't trust, verify' still runs on trust—trust in app developers, trust in device security, trust that your login screen isn't a clever fake. We've decentralized money but concentrated risk in our everyday digital habits.

The takeaway? Assume every platform is compromised. Double-check everything. And maybe—just maybe—don't keep the keys to a digital fortune on the same device where you send memes to friends. The market might be bullish, but the threat landscape is downright predatory.

Binance Co-CEO Yi He's WeChat Account Hacked in $55,000 Crypto Scam

The attackers used her compromised profile to promote a meme token called MUBARA, making approximately $55,000 through a pump-and-dump scheme.

The hack occurred just days after Yi He was promoted to co-CEO alongside Richard Teng during Binance Blockchain Week in Dubai. This timing gave the fraudulent posts extra credibility among crypto traders who trusted her apparent endorsement.

How the Attack Worked

The hackers gained access through an old phone number that was previously linked to Yi He’s WeChat account. In China, telecom companies typically reassign unused phone numbers to new customers after just three months. This practice created a security gap that the attackers exploited.

“WeChat was abandoned long ago, and the phone number was seized for use. It cannot be recovered at present,” Yi He explained in a translated post on X (formerly Twitter).

Blockchain analytics firm Lookonchain tracked the scammers’ activities in real time. The attackers created two new cryptocurrency wallets and spent 19,479 USDT to buy 21.16 million MUBARA tokens before posting the fake endorsements. Once Yi He’s followers started buying the token, its price spiked significantly and the market value reached $8 million.

How the Attack Worked

Source: @heyibinance

The scammers then quickly sold 11.95 million tokens for 43,520 USDT while keeping 9.21 million tokens worth about $31,000. Their total profit reached approximately $55,000, according to Lookonchain’s analysis.

Growing Pattern of Crypto Executive Attacks

This incident follows a troubling trend of hackers targeting prominent cryptocurrency figures through traditional social media platforms. On November 30, TRON founder Justin Sun’s WeChat account was compromised using similar tactics.

Security experts note that these attacks specifically target “Web3 big shots” because their endorsements carry significant weight in crypto communities. A single post from a respected executive can drive millions of dollars in trading volume within minutes.

Changpeng Zhao, Binance’s founder, quickly warned users about the hack. “Do not buy meme coins from the hackers posts. Web 2 social media security is not that strong. Stay safu!” he posted on X.

Technical Vulnerabilities in WeChat Security

SlowMist founder Yu Xuan, a leading blockchain security expert, explained how these WeChat takeovers happen. According to his research, attackers only need to contact two “frequent contacts” on the target’s friend list to gain account access. These contacts might be people who were never directly messaged but were simply added as friends or met briefly in group chats.

“The barrier to attacks can be surprisingly low,” Yu Xuan noted in his security analysis. He warned that high-profile crypto users who discuss trading or wallet management on WeChat face especially high risks.

The vulnerability is particularly serious in China, where WeChat serves as both a messaging app and payment platform with over 1 billion users. Many cryptocurrency traders in Asia use WeChat groups to share investment tips and coordinate trades, making fake endorsements especially dangerous.

Broader Security Risks for Crypto Industry

This hack highlights ongoing security challenges facing the cryptocurrency industry. While blockchain technology itself remains highly secure, traditional social media platforms create new attack vectors for cybercriminals.

The incident also occurred during other security challenges for Binance-related platforms. On October 1, hackers compromised BNB Chain’s official X account and posted phishing links that resulted in $8,000 in user losses.

These attacks work because they exploit trust rather than technical vulnerabilities. When followers see posts from accounts they recognize, they often act quickly without verifying the information through other sources.

Recovery and Prevention Measures

Binance worked with WeChat’s security team to restore Yi He’s account access. The company confirmed that the hack did not affect any of Binance’s internal systems or user funds.

Security experts recommend several steps to prevent similar attacks:

  • Remove old or unused contacts from social media accounts

  • Change passwords regularly, especially for dormant accounts

  • Respond immediately to suspicious login alerts

  • Avoid linking critical accounts to phone numbers that might be reassigned

For cryptocurrency users, experts stress the importance of verifying investment advice through multiple independent sources before making trading decisions.

The $55,000 Wake-Up Call

The Yi He WeChat hack serves as a stark reminder that Web2 security weaknesses continue to threaten the crypto industry. As digital assets become more mainstream, cybercriminals are finding new ways to exploit the trust that users place in social media platforms and public figures.

The $55,000 profit from this single attack, while relatively small compared to major crypto hacks, demonstrates how quickly criminals can monetize compromised accounts. For the crypto community, this incident underscores the need for better security practices across all platforms, not just blockchain networks themselves.

|Square

Get the BTCC app to start your crypto journey

Download on the App Store GEI IT ON Google Play

Get started today Scan to join our 100M+ users

Exchange for a better future

Products
Services
Guides
About Us
Terms & Agreement
Customer Service

Risk warning: Digital asset trading is an emerging industry with bright prospects, but it also comes with huge risks as it is a new market. The risk is especially high in leveraged trading since leverage magnifies profits and amplifies risks at the same time. Please make sure you have a thorough understanding of the industry, the leveraged trading models, and the rules of trading before opening a position. Additionally, we strongly recommend that you identify your risk tolerance and only accept the risks you are willing to take. All trading involves risks, so you must be cautious when entering the market.

The world’s longest-running cryptocurrency exchange since 2011 © 2011 - 2025 BTCC.com. All rights reserved

All articles reposted on this platform are sourced from public networks and are intended solely for the purpose of disseminating industry information. They do not represent any official stance of BTCC. All intellectual property rights belong to their original authors. If you believe any content infringes upon your rights or is suspected of copyright violation, please contact us at [email protected]. We will address the matter promptly and in accordance with applicable laws.BTCC makes no explicit or implied warranties regarding the accuracy, timeliness, or completeness of the republished information and assumes no direct or indirect liability for any consequences arising from reliance on such content. All materials are provided for industry research reference only and shall not be construed as investment, legal, or business advice. BTCC bears no legal responsibility for any actions taken based on the content provided herein.