Hackers Hijack Yi He’s WeChat Account to Promote Mubarakah Memecoin - Security Breach Sparks Crypto Community Alarm
Another day, another crypto hack—this time targeting a high-profile figure's social media. Hackers breached Yi He's WeChat account, using it to pump the Mubarakah memecoin. The incident exposes the persistent vulnerability of even the most connected players in the digital asset space.
Anatomy of a Takeover
The attack followed a classic playbook: gain access, then broadcast. Followers saw unauthorized posts promoting Mubarakah, a relatively obscure token that suddenly found itself in an unwelcome spotlight. No sophisticated blockchain exploit here—just old-fashioned account hijacking turned into a modern promotional scam.
Security Theater in Web3
While decentralized networks tout their security, the centralized points of failure—social media accounts, email inboxes—remain glaring weak spots. This breach highlights how off-chain vulnerabilities can directly impact on-chain perception and value, a lesson the industry keeps learning the hard way.
The Memecoin Manipulation Playbook
Hijacked accounts have become a distressingly common launchpad for memecoin pumps. Attackers leverage trust and reach, then disappear—leaving both the compromised individual and gullible followers to deal with the aftermath. It's the digital equivalent of a smash-and-grab, with less broken glass and more broken trust.
When Your Brand Becomes the Attack Vector
For influencers and executives, social media accounts aren't just communication tools—they're valuable assets. This incident serves as another stark reminder that digital hygiene matters as much as wallet security. Because sometimes the weakest link isn't in the code, but in the login credentials.
The takeaway? In crypto, your reputation can be hacked just as easily as your hot wallet—and both can be used to push questionable tokens to the masses. Just another reminder that in the rush to decentralize everything, we might want to secure the centralized choke points first. After all, what's the point of an immutable ledger if the messages about it come from a compromised account?
Attacker created two wallets, walked away with $55K profit
Per blockchain records shared by Lookonchain, the perpetrator created two new wallets about 5 hours after the breach and began buying large quantities of the memecoin using funds supplied through stablecoin Tether (USDT).
Someone hacked @heyibinance's WeChat account, and posted about $Mubarakah, sending the token's price soaring. @cz_binance
The hacker created 2 new wallets(0x6739 and 0xD0B8) ~7 hours ago and spent 19,479 $USDT to buy 21.16M $Mubarakah.
After the pump, the hacker has already… pic.twitter.com/39ncDQjgSe
— Lookonchain (@lookonchain) December 10, 2025
The purchases caused upward pressure on the token’s price, allowing the attackers to unload part of their holdings at a significant gain before interest cooled. Lookonchain disclosed the hacker bought more than 21 million units of the token for $19.7K in USDT units. When the price peaked at around 1 AM UTC on Wednesday, they sold nearly 12 million Mubarakah for about $43,500.
The wallets retained more than 9 million tokens valued at roughly $31,000 at the time of the transactions, while the combined haul placed the attacker’s profit NEAR $55,000. Zhao posted a warning on X, saying, “Web2 social media security is not that strong. Stay safu!”
Yi He told reporters she no longer uses WeChat and that the phone number linked to the account was taken over, so recovery was impossible.
The Mubarakah token was launched on March 18 on the BNB Chain, and entered the market at a price of $0.00007767, according to CoinMarketCap. Its all time high price mark was achieved during the debut day, clocking $0.02604 before dropping down below $0.02 in April.
At the time of this reporting, the token is 88% down from its ATH, but is still 3,600% above its lowest level and 168% up its 24 hour lows, trading at $0.002818
Binance-related hacks in Q4 2025
This month’s breach on a Binance-affiliated social media account is the second instance of compromises connected to the exchange this quarter. Cryptopolitan reported in October that the official X account for BNB Chain was hijacked and used to spread a phishing LINK promising rewards payable in the network’s native asset, BNB. “Please do not click on any links recently posted from this account,” Zhao told users at the time.
The fraudulent post was incentivizing users to vote on an invented “upcoming rewards distribution” event, where said participants who acted within the first 24 hours WOULD receive benefits, later debunked as a phishing scheme.
An investigation revealed that the attackers deployed a single phishing contract and spread ten malicious links to several chains. Losses reached about $8,000, with one victim accounting for the majority after losing $6,500.
SimpleX Chat hacked to promote crypto, says no token launches underway
On the same day, Yi He’s WeChat account was used to pump-and-dump Mubarakah. Privacy-based messenger SimpleX Chat confirmed that its official X account was compromised to impersonate its interface and collect user wallet data.
SimpleX said hackers used the “delegate” feature on X to gain posting rights through an unauthorized third-party profile, then published a message promoting a program named “Perpetuals Early Access,” directing users to a phishing domain.
The post promised users a chance to “become a founding user of the perpetual communication network” and advertised “Security & Ownership That Never Expires.” The fraudulent message included a “Connect Wallet” button to trick users into granting permissions that would allow attackers to access their assets.
Founder Evgeny Poberezkin said the team temporarily lost access to two-factor authentication, blocking their attempts to log in or remove the post. Poberezkin admitted his personal account was also blocked by the attackers to prevent him from warning the public, although the company eventually restored control with help from the platform’s support team.
Get seen where it counts. Advertise in Cryptopolitan Research and reach crypto’s sharpest investors and builders.
