Binance Co-Founder Yi He’s WeChat Hacked in Sophisticated Meme Coin Pump-and-Dump Scheme

Yi He, co-founder and co-CEO of Binance, has become the latest high-profile figure in the crypto space to fall victim to a social media hack. Following a similar incident involving Tron founder Justin Sun’s WeChat account, He’s account was compromised today, December 10th.

The attackers leveraged her platform to promote an obscure meme coin, $MUBARA, orchestrating a classic pump-and-dump scheme that saw the token’s value surge before a swift sell-off, leaving unsuspecting investors with losses.

CZ Confirms Hack, Issues Warning on Web2 Security

Binance founder Changpeng Zhao (CZ) swiftly confirmed the incident, issuing a stark warning to the crypto community. CZ explicitly stated that Yi He’s WeChat account had been hacked and urged users: “Do not buy meme coins from the hackers posts.”

He also highlighted the inherent vulnerabilities of “Web2 social media security,” emphasizing the need for enhanced digital vigilance: “Web 2 social media security is not that strong. Stay safu!”

Someone hacked @heyibinance’s WeChat account. Do not buy meme coins from the hackers posts.

Web 2 social media security is not that strong.

Stay safu!

— CZ 🔶 BNB (@cz_binance) December 10, 2025

Yi He Explains the Breach

Yi He herself later clarified the circumstances of the breach. She revealed that her WeChat account had been inactive for an extended period, and the compromise was a result of an abandoned phone number being reassigned and subsequently used to gain unauthorized access to her account.

Anatomy of a Pump-and-Dump: Lookonchain’s Investigation

Blockchain analytics firm Lookonchain meticulously tracked the on-chain transactions, dissecting the “acquire, pump, and dump” strategy employed by the attackers:

• Pre-Positioning & Acquisition: Approximately seven hours before the public promotion, the hackers established two new wallets. They strategically invested around 19,479 USDT to acquire 21.16 million $MUBARA tokens at a low price.
• Social Engineering & Market Manipulation: Leveraging Yi He’s compromised WeChat account, the attackers broadcasted promotions for $MUBARA to a wide audience. This widespread exposure successfully ignited market interest, drawing in unsuspecting retail investors and causing both the trading volume and price of $MUBARA to skyrocket.
• Profitable Exit Strategy: Once the token’s price reached its peak, the hackers began systematically offloading their holdings in batches.

According to Lookonchain’s data, the attackers have already sold 11.95 million $MUBARA tokens, netting a profit of approximately 43,520 USDT. They still retain 9.21 million $MUBARA, valued at roughly $31,000.

Someone hacked @heyibinance‘s WeChat account, and posted about $Mubarakah, sending the token’s price soaring. @cz_binance

The hacker created 2 new wallets(0x6739 and 0xD0B8) ~7 hours ago and spent 19,479 $USDT to buy 21.16M $Mubarakah.

After the pump, the hacker has already… pic.twitter.com/39ncDQjgSe

— Lookonchain (@lookonchain) December 10, 2025

This incident serves as a critical reminder of the pervasive risks within the digital asset landscape, particularly concerning social engineering attacks and the exploitation of personal accounts. As the crypto world continues to evolve, the importance of robust personal cybersecurity practices, even for dormant accounts, cannot be overstated. Users are strongly advised to remain vigilant and exercise extreme caution when encountering unsolicited investment advice, especially for obscure meme coins.