Newly appointed Binance co-CEO and co-founder Yi He revealed on X that her WeChat account was compromised after an old mobile number was taken over, underscoring how Web2 messaging apps can be exploited to impersonate crypto leaders.
“WeChat was abandoned long ago, and the phone number was seized for use. It cannot be recovered at present,” she wrote in a translated post.
Blockchain analytics firm Lookonchain reported that following the breach, attackers promoted a token called Mubarakah, driving up its price. The firm estimates the hackers profited about $55,000 from the scheme.
The incident comes just days after Yi He was named co-CEO of Binance. CEO Richard Teng announced her promotion at Binance Blockchain Week in Dubai, calling the move a “natural progression.”
SlowMist’s founder detailed ways to avoid this attack vector, noting that it mirrors a previous WeChat breach in November involving Tron founder Justin Sun. On Nov. 30, Sun announced on X that his account had been hacked and that he had reached out to the platform in an attempt to regain access.
Following the latest incident, SlowMist founder Yu Xuan re-shared an explainer on how WeChat account takeovers can unfold, cautioning that the bar for exploitation is often much lower than users realize.
Based on his testing, an attacker with access to leaked login credentials could potentially hijack an account simply by reaching out to two “frequent contacts.” These could include people the victim never messaged directly — users added as friends or interacted with briefly in group chats.
Xuan also noted that in China, mobile carriers typically recycle inactive phone numbers after about three months. This practice, he warned, leaves SIM-linked accounts vulnerable to credential stuffing, recovery loopholes, and targeted social engineering.
He advised users — particularly high-profile figures who interact with OTC traders or discuss wallets — to avoid adding unfamiliar contacts, to rotate passwords regularly, and to act quickly if they receive login alerts.
CZ issues reminder on memecoin scams
Binance co-founder Changpeng Zhao added on X that he, too, hasn’t used WeChat in a long time. Still, he cautioned that he would never promote any memecoin contract addresses through the account, offering one more reminder for users to stay vigilant as Web2-related risks escalate.
The incident comes just months after BNB Chain’s official X account was breached. On Oct. 1, attackers seized control of the blockchain network’s social media and began posting phishing links.
BNB Chain later told Cointelegraph that 10 malicious links were shared and users lost a total of $8,000 — all of which has since been fully reimbursed.
