Binance Co-CEO Yi He’s WeChat Hacked in Brazen Meme Coin Scam—CZ Issues Urgent Alert

Just when you thought crypto security couldn't get more ironic.

Binance's new leadership faces its first public crisis—not from regulators or market swings, but from a compromised social media account. Co-CEO Yi He's WeChat was hijacked, broadcasting unauthorized promotions for a meme coin to her followers. Founder Changpeng Zhao (CZ) jumped in immediately, warning users to ignore the posts and confirming the breach.

The Anatomy of a Hack

For a trillion-dollar industry built on cryptographic security, the attack vector was almost laughably simple: a personal messaging app. The incident exposes the persistent human layer of vulnerability—the soft target between the secure blockchain and the user's screen. No cold wallets or two-factor authentication were needed here; just access to a single account.

Trust, Verification, and the New Playbook

CZ's swift public response is textbook crisis management. It reinforces a core tenet of the space: verify, don't trust—even when the message appears to come from the top. The hack also serves as a stark reminder that in crypto, authority is decentralized, but risk is omnipresent. Your funds are only as safe as the weakest link in the communication chain, which sometimes wears a suit and has 'CEO' in the title.

This isn't just a blip. It's a case study in modern digital risk, where a leader's hacked phone can trigger more panic than a 10% market dip. It proves that in finance's wildest frontier, the biggest threats aren't always the ones on the chart. Sometimes, they're in the chat.

After all, what's a little unauthorized token shilling between friends? Just another day building the future of finance—one security patch at a time.

Binance Highlights Yi He’s Contribution to Leadership and Vision

In response, Yi He said that she had not used WeChat in a long time, that her phone number associated with the app had been seized, and that she was unable to recover it. The hack happened about a week following the Binance appointment of Yi He as co-CEO at a June Binance Blockchain Week event.

微信被古早弃用手机号抢夺使用权，目前无法拿回。

Richard Teng, co-founder, admitted that Yi He has contributed to the culture, vision, and user-centric philosophy of the exchange since the beginning and has described her as a driving force. He further added that she had been promoted as a natural progression in the development of leadership at Binance as the company struggles to reach one billion users.

On-chain data shows that, within a very short time, the hack was converted into a trading scheme. The analytics platform Lookonchain described the incident as an account-hacked pump-and-dump of a lesser-known token called Mubarakah (MUBARA) on decentralized platforms.

Someone hacked @heyibinance's WeChat account, and posted about $Mubarakah, sending the token's price soaring. @cz_binance

The hacker created 2 new wallets(0x6739 and 0xD0B8) ~7 hours ago and spent 19,479 $USDT to buy 21.16M $Mubarakah.

After the pump, the hacker has already… pic.twitter.com/39ncDQjgSe

MUBARA Token Price Soars as Hackers Capitalize on WeChat Promotion

As the analysis demonstrates, an attacker gained access to the WeChat account of Yi He and utilized the seemingly legitimate endorsement to produce FOMO corresponding to MUBARA. In just a few hours, two new wallets were developed and began buying the token through PancakeSwap and other decentralized markets, spending a total of 19,479 USDT to acquire a total of around 21.16M MUBARA.

As traders went along with the promotion of WeChat, the price of the token and trading volume shot up with a steep rise on Dexscreener charts.

After adding liquidity, the wallets started selling into the rally. Lookonchain assesses that the attacker has already sold 11.95 million MUBARAs at 43,520 USDT and has 9.21 million tokens left to sell, totaling approximately $31,000, which means that the total profit will be nearly $55,000.

Practically, the attacker purchased at a low price, took advantage of the stolen account to create retail demand, and then sold much of the position when the price soared, leaving other buyers afterwards at risk of a rapid price rollback. The other tokens provide the hacker with additional space to sell in case the liquidity persists.