Binance Co-CEO Yi He’s WeChat Account Compromised: A Wake-Up Call for Web2 Security Risks in Crypto
Share
Key Takeaways
- Binance Co-Founder and newly appointed Co-CEO Yi He revealed that her WeChat account was hijacked after an old mobile number tied to the account was reassigned by a telecom provider.
- Hackers used the compromised account to promote a token named Mubarakah, reportedly profiting around $55,000.
- The incident comes weeks after Justin Sun also reported his WeChat account being hacked.
- SlowMist’s founder warns that WeChat account takeovers require alarmingly low effort, especially with leaked passwords and recycled phone numbers.
- CZ reminds users that he does not use WeChat and will never promote any meme coin contracts through that platform.
- A series of recent account compromises, including the BNB Chain official X account, highlight the growing need for stronger Web2 security among crypto leaders.
Overview of the Incident
Binance Co-Founder and Co-CEO Yi He announced on X that her WeChat account was recently compromised.
The breach occurred because an old mobile number tied to the account had been recycled and reassigned, allowing an attacker to take full control.
Yi He stated that the WeChat account had been inactive for a long time and is now completely unrecoverable due to the reassigned phone number.
Hacker Promotes Token to Generate Profit
Blockchain analytics platform Lookonchain reported that the attacker used the compromised WeChat account to shill a token called Mubarakah, which saw a short-term price spike.The hacker is estimated to have gained approximately $55,000 from the scheme.
The attack took place only days after Binance CEO Richard Teng announced Yi He’s promotion to Co-CEO, describing the leadership change as a “natural evolution.”
The Incident Follows a Similar Attack on Justin Sun
Earlier in November, Tron founder Justin Sun also reported that his WeChat account had been taken over by unknown actors.
He stated on X that he had reached out to WeChat’s support team in an attempt to recover the account.
The two incidents happening so close together highlight a broader issue: Web2 platforms remain a weak link for high-profile figures in crypto, even as Web3 security continues to advance.
SlowMist Founder Explains Why WeChat Hijacking Is So Easy
SlowMist founder Yu Xuan reshared a technical breakdown explaining the mechanics of WeChat account takeovers—and why the barrier to entry is surprisingly low.
Account Takeover Requires Only Minimal Verification
According to Yu Xuan’s testing:
- If attackers obtain leaked login credentials,
- They only need verification from two "frequently contacted" accounts, which may simply be users who interacted in group chats—even without any direct messaging history.
This makes the entire attack flow extremely accessible to cybercriminals.
Recycled Phone Numbers Are a Major Risk
In China, telecom providers typically reassign unused numbers after three months, meaning:
- Previously linked WeChat or payment accounts
- Weak or reused passwords
- Credential stuffing attacks
- SIM swap abuse
- Social engineering
…become significantly more effective paths for compromise.
SlowMist’s Security Recommendations
Yu Xuan advises crypto executives and OTC traders to:
- Avoid adding unknown contacts casually
- Rotate passwords regularly
- Respond immediately to login or security alerts
- Diversify communication channels and avoid over-reliance on any single Web2 app
CZ Responds—“I Do Not Promote Meme Coins on WeChat”
Binance Co-Founder CZ also commented on X, clarifying that he has not used WeChat for a long time.
He emphasized that he would never promote:
- Meme coins
- Contract addresses
- Investment opportunities
…through that platform, urging users to stay vigilant against impersonation schemes.
Part of a Larger Trend: BNB Chain’s X Account Was Also Hacked
Yi He’s case is not an isolated incident. Just months earlier, the official BNB Chain X account was compromised on October 1. Hackers posted phishing links that resulted in roughly $8,000 in user losses. BNB Chain later confirmed that all impacted users were fully reimbursed.
Web2 Vulnerabilities Pose Real Threats to Web3 Leaders
As crypto remains heavily tied to Web2 communication channels (WeChat, X, Telegram), these platforms become attack vectors that can:
- Manipulate token prices
- Mislead large user groups
- Damage brand credibility
- Facilitate phishing or fund theft
In other words, Web2 account compromise is becoming a major cybersecurity risk for the crypto industry.
Conclusion: Crypto Leaders Need Stronger Multi-Layer Security
The series of recent security breaches illustrates a harsh reality:
Even as Web3 grows more secure, Web2 identity systems remain fragile, especially for high-profile figures.
To mitigate risks, industry leaders should consider:
- Strict management of linked phone numbers
- Multi-factor authentication (2FA)
- Rapid-response security workflows
- Separation of personal and professional communication channels
- Regular password updates and credential hygiene
With attackers increasingly targeting social platforms, security strategy must extend beyond wallets and blockchains to include all digital identities.
FAQs
Q1: Why are crypto executives frequently targeted by hackers?
Their communication channels have large influence, allowing attackers to push scams, pump tokens, and deceive investors efficiently.
Q2: Does a recycled phone number automatically compromise a WeChat account?
Not automatically, but it significantly increases risk, especially when paired with leaked credentials or weak passwords.
Q3: Are Web2 account breaches connected to on-chain losses?
Indirectly. While wallet keys remain safe, impersonation attacks through compromised accounts can lead to large-scale phishing and financial loss.
Q4: What security measures should high-profile crypto figures adopt?
Password rotation, 2FA, reduced exposure of personal accounts, and multi-channel verification for sensitive communications.
Q5: Should crypto companies move away from Web2 platforms entirely?
Complete separation is unrealistic. Instead, companies should adopt layered security, official verification frameworks, and clear communication standards.
Market Opportunity
Helium Mobile Price(MOBILE)
$0.0002523
$0.0002523$0.0002523
USD
Helium Mobile (MOBILE) Live Price Chart
Description:Crypto Pulse is powered by AI and public sources to bring you the hottest token trends instantly. For expert insights and in-depth analysis, visit MEXC Learn.
The articles shared on this page are sourced from public platforms and are provided for informational purposes only. They do not necessarily represent the views of MEXC. All rights remain with the original authors. If you believe any content infringes upon third-party rights, please contact service@support.mexc.com for prompt removal.
MEXC does not guarantee the accuracy, completeness, or timeliness of any content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be interpreted as a recommendation or endorsement by MEXC.
Latest Updates on Helium Mobile
View More
Trump Game Launches with Token Giveaway; License Revealed
The post Trump Game Launches with Token Giveaway; License Revealed appeared on BitcoinEthereumNews.com. Trump-themed game announced with $1M giveaway, boosting TRUMP token. Project disclaimer confirms no involvement from Donald Trump or his companies whatsoever. Analysts warn Bitcoin dominance could limit upside if TRUMP fails breakout attempt. A new Trump-themed mobile game is making headlines online, but there is confusion about whether the US president is involved. The Trump Meme project announced that it is preparing to launch what it calls the “first and only official Trump mobile game” for Donald Trump fans. The game will use the $TRUMP token as its in-game currency, and the team has opened a waitlist with a $1 million TRUMP giveaway. The announcement pushed the TRUMP token up about 5% in the last 24 hours, with some analysts calling the move a major shock for the GameFi sector. Crypto analyst Cryptosrus even said “Trump just dropped a nuke on GameFi,” arguing that Trump-related hype could bring new attention to blockchain gaming. Related: Wall Street Titans Intervene in Senate Crypto Talks: ‘Kill the Stablecoin Yield’ Is This Really Connected to Donald Trump? Despite the flashy promotions, the project itself includes a clear legal disclaimer. When users click through to the game page, they see a warning stating that Trump Billionaires Club is not created or operated by Donald J. Trump, the Trump Organization or their affiliates. The company behind the game, Freedom45Games LLC, says it only uses Trump’s name and likeness under a license that could be revoked. It adds that the game is not political, not linked to any campaign and is designed only as a digital collectible experience, not an investment. “The Website Offerings are not affiliated with any cryptocurrency offering, are not political, and have nothing to do with any political campaign,” the website said. TRUMP Token Price Still Far Below Highs The TRUMP token is…
2025/12/10
ChatGPT Dominates: How OpenAI’s App Became Apple’s #1 Download in 2025
BitcoinWorld ChatGPT Dominates: How OpenAI’s App Became Apple’s #1 Download in 2025 In a stunning shift that signals a new era for mobile technology, OpenAI’s ChatGPT has claimed the top spot as Apple’s most downloaded app in the United States for 2025. This remarkable achievement sees the AI assistant surpassing social media giants and essential utilities, demonstrating how artificial intelligence is fundamentally changing how Americans interact with […] This post ChatGPT Dominates: How OpenAI’s App Became Apple’s #1 Download in 2025 first appeared on BitcoinWorld.
2025/12/10
Sei will partner with Xiaomi to pre-install Web3 payment applications on new smartphones worldwide.
PANews reported on December 10th that Sei Network announced a partnership with Xiaomi, the world's third-largest smartphone manufacturer, to pre-install its next-generation crypto wallet and discovery app, powered by Sei, on new Xiaomi phones sold outside of mainland China and the United States. The app supports stablecoin payments, P2P transfers, and DApp integration, and will expand to Xiaomi's 20,000 global retail channels, initially launching in Hong Kong and the European Union, with a target launch date of Q2 2026. Simultaneously, Sei announced the establishment of a $5 million Global Mobile Innovation Fund to accelerate the adoption of blockchain in consumer devices.
2025/12/10
HOT
Currently trending cryptocurrencies that are gaining significant market attention
Crypto Prices
The cryptocurrencies with the highest trading volume
Newly Added
Recently listed cryptocurrencies that are available for trading