Incident Overview
Binance co-founder and co-CEO Yi He reported that her verified WeChat account was compromised and used to promote a meme coin named Mubara to thousands of followers in China's tightly controlled social media ecosystem. The attackers allegedly used her profile to imply a privileged relationship with the project, creating the impression of an insider endorsement that could drive speculative buying.
Binance later clarified that the messages were not authorized and that Yi He has no connection to the Mubara team or its token economics. The exchange stated it is working to understand how the compromise occurred. It reminded users that it does not list or endorse every coin mentioned by its executives, especially on third-party platforms.
Someone hacked @heyibinance‘s WeChat account, and posted about $Mubarakah, sending the token’s price soaring. @cz_binance
The hacker created 2 new wallets(0x6739 and 0xD0B8) ~7 hours ago and spent 19,479 $USDT to buy 21.16M $Mubarakah.
After the pump, the hacker has already… pic.twitter.com/39ncDQjgSe
Binance's Response and Market Manipulation Concerns
In internal communications and community channels, Binance characterized the attack as an attempt at market manipulation, leveraging a trusted executive’s reputation to pump an illiquid token. This incident resembles past cases where compromised social media accounts were used to push malicious links, phishing pages, or thinly traded coins that crash once insiders or exploiters exit.
Binance stressed that users should cross-check any investment call or listing claim against official Binance announcements, not personal or semi-private social accounts, especially when it involves newly launched meme coins. The company also highlighted that speculative assets with no clear fundamentals remain highly vulnerable to coordinated pump-and-dump activity across Asian messaging platforms.
Broader Implications for Crypto Security
The recent hijacking of a Binance executive’s social media account to promote a meme coin highlights an ongoing security weakness in the crypto space. This echoes incidents such as the $37 million hack of the Upbit exchange, where attackers made off with Solana-based tokens, forcing the exchange to temporarily shut down services and promise full reimbursement to affected users from its own reserves.
Taken together, these events demonstrate the ecosystem's vulnerability, whether through social media takeovers used to manipulate markets or direct attacks on hot wallets. They underline the necessity for stronger security practices, enhanced user education regarding scams and manipulation, and well-capitalized exchanges that can provide support when issues arise.