Binance Co-CEO Yi He WeChat Hack Exposes Massive Security Gaps in Crypto Leadership
Over $2.17 billion was stolen in crypto hacks by mid-2025, yet the latest Yi He WeChat hack proves that the biggest threats to crypto executives don’t come from sophisticated blockchain exploits. Binance founder Changpeng Zhao confirmed that newly appointed co-CEO Yi He’s WeChat account was hacked late Tuesday and used to promote a little-known memecoin, transforming a simple social media breach into a profitable pump-and-dump scheme that sent the token up more than 900% within hours and allowed scammers to profit roughly $55,000.
The timing couldn’t be worse for Binance’s new leadership structure. Yi He was just made co-CEO with Richard Teng a few days before this incident, part of a broader restructuring announced at Binance Blockchain Week in Dubai. Her promotion from chief customer service officer to co-CEO made her one of the most powerful women in cryptocurrency—and apparently, one of the most targeted.
How the Yi He WeChat Hack Unfolded
The attack began with a textbook example of Web2 vulnerability exploitation. Yi He said her WeChat account was hacked after an outdated phone number associated with it was compromised. Yi He’s old number had been reassigned, allowing attackers to bypass WeChat’s SMS-based two-factor authentication, a known weakness in services that tie identity to mobile carriers rather than hardware-based security.
Once inside the account, hackers moved quickly to capitalize on their access. Analytics account Lookonchain identified two newly created wallets that accumulated roughly 21.16 million MUBARA tokens by spending 19,479 USDT across PancakeSwap and related routes. The strategic timing of this Yi He WeChat hack demonstrates sophisticated planning by the attackers.
The fake endorsement from Yi He’s compromised WeChat carried immediate weight with her network. Yi’s network includes many people who work in the sector and trade, so the fake advertising had an air of credibility that could easily trick traders into buying the memecoin. Trading volume exploded as the scheme spread through WeChat channels.
The profitability speaks volumes about the effectiveness of social engineering in crypto. Bad actors spent 19,479 USDT to buy 21.16 million of the tokens, making around $55,000 from the subsequent pump, with hackers still holding 9.21 million Mubarakah, collecting a total profit of around $55,000.
The Broader Context of Crypto Social Media Security
This Yi He WeChat hack isn’t an isolated incident. The cryptocurrency industry faces an escalating crisis of social media security breaches that’s costing billions. $2.37 billion was lost to crypto hacks in H1 2025, up 66% from H1 2024, with social platforms increasingly becoming attack vectors.
Recent statistics paint a disturbing picture of the threat landscape. Social media platforms are linked to 53% of crypto fraud schemes uncovered in 2024, with Telegram and Instagram being the most exploited. The scale of these attacks is growing rapidly, with social media platforms like Twitter and Telegram seeing a 70% rise in crypto phishing schemes, luring users to fake giveaways and wallet services.
The attack methods are becoming increasingly sophisticated, especially targeting high-profile figures. In a similar case, Tron founder Justin Sun’s account was compromised on November 30, showing a clear pattern in the attackers’ methods. High-profile account hijackings have multiplied, as hackers realize that taking over an official Twitter or IG account gives instant access to a huge, trusting audience, with late 2024 and 2025 especially seeing troubling rises in these incidents.
Technical Analysis of WeChat Vulnerabilities
The Yi He WeChat hack exposes fundamental flaws in how traditional social platforms handle security for high-value targets. SlowMist founder Yu Xuan published a breakdown on how WeChat account takeovers may occur, warning that the barrier to attacks can be surprisingly low, with attackers who have leaked login credentials able to seize control by contacting just two “frequent contacts”.
This vulnerability becomes particularly dangerous for crypto executives whose networks consist largely of industry professionals and traders. Yu Xuan stressed that this attack method exploits the trust graph and interaction history in WeChat, making it especially effective against well-connected figures like Yi He.
The technical details of the breach reveal how attackers can leverage social connections for unauthorized access. Yi He’s old number had been reassigned, allowing attackers to bypass WeChat’s SMS-based two-factor authentication, which is a known weakness in services that tie identity to mobile carriers rather than hardware-based security.
Financial Impact and Market Manipulation
The financial mechanics of the Yi He WeChat hack demonstrate how quickly social media breaches can translate into market manipulation. After posting about the memecoin on Yi He’s WeChat account, the token surged around 800% before crashing as the hacker offloaded, creating massive volatility in a matter of hours.
The pump-and-dump scheme’s execution was precisely timed for maximum profit. The attackers created two wallets and spent 19,479 USDT to accumulate 21.16 million MUBARAKAH tokens at fractions of a cent, with the token briefly surging from $0.001 to $0.008, pushing its market cap above $8 million, before attackers sold 11.95 million tokens for 43,520 USDT, locking in most of their gains.
This level of profit from a social media hack illustrates the massive incentives driving these attacks. A single breach can cost millions, as social accounts are gateways to entire communities, and if hijacked, they can directly lead to stolen funds as high as $3M in one incident and irreparable financial harm to users.
Industry Response and Damage Control
The response to the Yi He WeChat hack reveals both the crypto industry’s preparedness and its vulnerabilities. Zhao said the attackers used the compromised account to circulate memecoin endorsements and urged users to ignore the messages. The founder took the opportunity to highlight broader security concerns, with Zhao noting that “Web 2 social media security is not that strong”.
Recovery efforts moved swiftly once the breach was detected. Yi He later confirmed her WeChat account had been recovered, with the password changed through external verification, and a Binance spokesperson told Cointelegraph that the company worked closely with WeChat’s security team to recover access, with the account now successfully restored.
The incident’s aftermath also prompted important warnings about ongoing threats. Yi He said “It is currently suspected that bad actors are continuously lurking by using feedback issues and seeking help to add me as a friend” and thanked everyone for spreading the word to avoid more people falling victim to scams.
Crypto Social Media Security Statistics and Trends
The broader data surrounding crypto social media hacks reveals alarming trends that the Yi He WeChat hack exemplifies. Phishing attacks were responsible for 48% of exchange breaches, showing ongoing reliance on social engineering tactics. The scale of losses continues to grow, with Q3 2025 alone recording approximately $306.7 million lost in hacks, bringing year-to-date losses to approximately $2.55 billion.
Crypto companies face rising social media hacks in 2025-2026, learning the dangers and how to protect brands, investors, and communities from costly scams. The threat landscape shows no signs of improving, with social engineering attacks targeting crypto investors increasing by 50%, with average losses per victim hitting $55,000, while phishing attacks remain the most prevalent vector, with 45% of cryptocurrency breaches in 2023 originating from phishing schemes.
The evolution of attack methods is particularly concerning for industry leaders. AI-generated deepfake scams surged by 900% between 2023 and 2025, especially impersonating crypto founders and influencers, making it increasingly difficult for followers to distinguish legitimate communications from fraudulent ones.
Prevention Strategies for Crypto Executives
The Yi He WeChat hack offers critical lessons for crypto industry security protocols. SlowMist’s Yu Xuan advised high-profile users to prune contacts, rotate passwords and act fast on alerts to reduce WeChat takeover risks. However, preventing these attacks requires more comprehensive approaches.
Hardware-based security emerges as a critical recommendation. As CZ emphasized: “Web2 security is not that strong,” urging users to strengthen non-crypto account protections with hardware keys and stronger 2FA. This advice becomes especially important for executives whose compromised accounts can affect entire ecosystems.
Account hygiene proves essential for preventing breaches like the Yi He WeChat hack. The hack affected only the dormant WeChat Moments feed, with attackers gaining no access to Binance’s internal systems, email, or active accounts, as Yi He clarified that she abandoned the WeChat account years ago. Abandoned accounts create persistent vulnerabilities that attackers can exploit years later.
The best practices for crypto social media security emphasize proactive management. Companies must implement comprehensive social media security policies, regular security audits, and rapid response protocols for potential breaches.
Regulatory and Compliance Implications
The Yi He WeChat hack occurs against a backdrop of increasing regulatory scrutiny of crypto platform security. US regulatory agencies increased enforcement actions by 80% in 2023, particularly targeting unregistered exchanges, and social media security breaches could trigger additional compliance requirements.
International coordination on crypto crime continues to expand. Interpol led operations like HAECHI VI coordinated 40+ countries to recover $439M cash+crypto from fraudsters, demonstrating the global nature of enforcement efforts against crypto-related social media fraud.
Future regulatory frameworks may specifically address social media security requirements for crypto executives. The European Union plans to implement cross-border crypto regulations by 2025, aiming to prevent illicit activities linked to organized cybercrime, while blockchain analytics tools are projected to grow by 70% by 2025, aiding exchanges and governments in tracking suspicious crypto activities.
The Human Element in Crypto Security
Beyond technical vulnerabilities, the Yi He WeChat hack highlights the human factors that make crypto executives particularly vulnerable to social engineering. 60% of reported cyber breaches in 2025 involved the human element, primarily social-engineering vectors, making education and awareness crucial components of security strategies.
Trust networks within the crypto industry create both opportunities and vulnerabilities. The effectiveness of the Yi He WeChat hack relied heavily on the implicit trust that industry professionals place in communications from known figures. Trust is the most valuable asset in crypto, built on community trust, where a hack or unchecked flood of scam comments can shatter credibility overnight, as users might not give a second chance, making safeguarding social platforms as critical as securing code or treasury—it’s part of protecting brand integrity.
Future Outlook and Industry Evolution
The Yi He WeChat hack represents a pivotal moment for crypto industry security awareness. The hack highlights the growing threat facing public figures in crypto, where even when executives stop using certain platforms, abandoned accounts can still become valuable targets, and as more leaders maintain public profiles, attackers gain new opportunities to exploit weak points in Web2 services.
The trajectory of crypto social media attacks suggests continued escalation. According to Hacken’s latest research, the crypto sector has already recorded more than $3.1 billion in losses during the first half of 2025, a figure that already exceeds 2024, mainly due to access control flaws, phishing, and AI-driven exploits.
The evolution toward more sophisticated attack methods means traditional security measures alone won’t suffice. The years 2025-2026 will likely see continued attempts by bad actors to exploit any weakness in social media, from sophisticated account takeovers to waves of scam comments aiming to defraud users, with the magnitude of threat evident in multi-billion dollar losses and numerous examples, making it crucial for crypto companies to learn from incidents and proactively fortify social channels to protect both community and their own future.
The Yi He WeChat hack serves as a stark reminder that in the cryptocurrency industry, security vulnerabilities extend far beyond blockchain protocols and smart contracts. As the industry matures, comprehensive security strategies must address every potential attack vector—from abandoned social media accounts to the trust networks that make crypto communities so powerful, yet so vulnerable to exploitation.
Frequently Asked Questions
What exactly happened in the Yi He WeChat hack?
Hackers gained access to Binance co-CEO Yi He’s abandoned WeChat account through a compromised old phone number, then used it to promote a memecoin called MUBARA in a pump-and-dump scheme that netted approximately $55,000 in profits.
How did the attackers bypass Yi He WeChat hack security measures?
The attackers exploited WeChat’s SMS-based two-factor authentication system by taking control of Yi He’s old phone number that had been reassigned, allowing them to bypass security measures and access the dormant account.
What was the financial impact of the Yi He WeChat hack?
The hackers spent 19,479 USDT to purchase 21.16 million MUBARA tokens, then profited around $55,000 as the token surged 800% before they sold their holdings during the artificially created pump.
How common are crypto social media security breaches like the Yi He WeChat hack?
Social media platforms are linked to 53% of crypto fraud schemes, with phishing attacks responsible for 48% of exchange breaches, making such incidents increasingly common in the cryptocurrency industry.
What security measures can crypto executives implement to prevent incidents like the Yi He WeChat hack?
Crypto executives should use hardware-based two-factor authentication, regularly audit and close abandoned social media accounts, implement strict contact verification procedures, and maintain comprehensive social media security policies.
Why was the Yi He WeChat hack particularly effective?
The hack was effective because Yi He’s network consists largely of crypto industry professionals and traders, giving the fake endorsement credibility and making it easier to trick people into buying the promoted memecoin.
What are the broader implications of the Yi He WeChat hack for crypto industry security?
The incident highlights critical vulnerabilities in Web2 social media platforms and demonstrates how abandoned accounts can become valuable targets, emphasizing the need for comprehensive security strategies that extend beyond blockchain protocols.
