Binance co-founder Changpeng Zhao (CZ) has issued a warning to users following a security incident where co-CEO Yi He’s WeChat account was compromised. A hacker used the hijacked account to promote the meme coin Mubarakah, which subsequently saw its price surge by over 157%.
CZ confirmed the breach on X, advising users to disregard any posts originating from the compromised account and to refrain from purchasing any cryptocurrencies promoted through it.
Yi He stated that she no longer uses WeChat and that the hacker also gained control of the phone number linked to her account, which prevented her from recovering access.
Someone hacked @heyibinance ’s WeChat account. Do not buy meme coins from the hackers posts.
Web 2 social media security is not that strong.
Stay safu!
— CZ 🔶 BNB (@cz_binance) December 10, 2025
WeChat is a widely-used messaging and payment application with a significant user base in China and other parts of Asia.
Early Wallet Activity Indicates Planning Behind the Attack
On-chain analytics firm Lookonchain reported that prior to the attack, the hacker created two new wallets. These wallets were funded with 19,479 USDT, which were then used to purchase 21.16 million Mubarakah tokens at low prices. The addresses of these wallets are identified as “0x6739b732C14515997Caa8deCb6C047dc1c02Fb9c” and “0xD0B8Ea6AF32A4F44Ed7F8A5E4E7b959239f5AE1D.”
Following these purchases, the meme coin’s price experienced a significant surge. CoinGecko data indicated that the price reached a high of $0.006365 within the past trading day. As of 3:23 a.m. EST, the price had corrected to $0.003363, still representing an increase of over 157%.
Lookonchain also noted that the hacker began selling tokens as the price surged. After the substantial price increase, the firm stated that the hacker sold 11.95 million tokens, realizing a profit of approximately 43,520 USDT. The hacker still holds 9.21 million tokens, valued at $31K. In total, the firm estimates the hacker’s overall profit to be around $55K.
Recent Series of Social Media Hacks in the Crypto Space
The compromise of Yi He’s WeChat account follows a similar incident involving Tron founder Justin Sun. In late November, hackers gained access to Sun’s WeChat account and used it to promote fraudulent endorsements of a low-cap meme coin.
A market observer commented on X, stating that these incidents involve "posting Meme shitcoins in Moments to scam people." The observer added, "It feels like it’s specifically targeting the WeChat accounts of top Web3 big shots for theft. On-chain ‘hacker competitions’ are intense, and they’re starting to move the ‘battlefield’ off-chain. WeChat isn’t one of the safest social media platforms—how are the scammers getting the passwords/SIM card info and such to carry out the theft?"
The hacks targeting Yi He’s and Sun’s accounts are not isolated incidents of illicit actors gaining control of influential figures' social media profiles. Similar SIM swap attacks have also been executed against X accounts.
Among these attacks was the one on the official X account of BNB Chain in October, where the hacker advertised a fake “BNB HODLer Airdrop.” Earlier this year, hackers also compromised the X account of former Malaysian Prime Minister Mahathir Mohamad to promote a deceptive meme coin scheme. Additionally, Canadian rapper Drake had his account compromised and used to hype a fake meme coin called “Anita.”