Hackers exploit Binance co-CEO Yi He’s WeChat account to pump memecoin – pocketing 55,000 USDT

Binance co-CEO Yi He’s official WeChat account was compromised and used to promote a little-known memecoin, triggering what analysts say was a classic pump-and-dump scheme that left late buyers nursing losses.

The breach became public after suspicious posts appeared on Yi He’s verified account, pushing a meme token to her large Chinese-language audience. The posts were swiftly deleted, and both Yi He and Binance confirmed the account had been hijacked.

Yi He later explained that the attacker gained access through an old phone number previously linked to her WeChat account. The number was no longer under her control, creating an unexpected security gap that the hacker exploited.

Binance founder Changpeng Zhao also issued a warning on X, making it clear that the promotional posts did not originate from Yi He. He urged users to ignore token promotions from compromised accounts and reminded the community that social media remains a weak link in crypto security.

On-chain data shows that shortly after the posts went live, newly created wallets began accumulating the promoted memecoin, simply known as MUBARA. Trading volume spiked as retail traders piled in. The wallets then rapidly sold into the surge, extracting tens of thousands of dollars in profit before activity subsided.

Blockchain analysis firms estimate the attacker made roughly 55,000 USDT across multiple sales while retaining a sizeable remaining token balance. The pattern closely mirrors previous social-engineering-driven market manipulations seen across decentralised exchanges.

Binance’s Yi He’s WeChat hack: Concerns grow over social media abuse

The incident arrives amid growing scrutiny of social media conduct inside major crypto firms. It follows rumours circulating in the industry that Binance recently suspended an employee for allegedly using a personal social media account to promote a fake blockchain project.

While Binance has not officially confirmed details of that suspension, the timing of the Yi He hack has sharpened concerns about how easily influence, visibility and trust can be misused in crypto markets. Together, the two episodes highlight the thin line between personal online presence and corporate responsibility in a sector still heavily driven by personalities.

Yi He was recently named co-CEO of Binance, marking a major step in her leadership role after years as one of the company’s most prominent executives. The hack has not affected her position, but it has triggered renewed internal reviews around account security and public-facing communications.

Binance reiterated that neither executives nor staff will ever promote unverified tokens through personal channels. The company urged users to treat any such promotions as scams, even when they appear to come from trusted figures.

The episode underscores a broader problem for the crypto industry. Trust is routinely built through social media rather than fundamentals, and attackers continue to exploit that dynamic. As this case shows, even top executives at the world’s largest exchange are not immune.

For retail investors, the warning is familiar but increasingly urgent. Verify information independently, ignore hype-driven endorsements, and assume that no token is legitimate simply because a high-profile name appears beside it.