Daily newsHot NewsHot TopicReleases

Binance co-CEO Yi He hit by WeChat hack amid growing Web2 risks for crypto execs

Meta Maven
  • Binance co-CEO Yi He’s WeChat was hijacked after an old phone number was reassigned.
  • Attackers used the compromised account to promote a token scam, reportedly netting $55,000.
  • Incident highlights rising Web2 security threats for crypto leaders following similar hacks of Justin Sun and BNB Chain’s X account.
  • SlowMist founder warns that WeChat takeovers can happen with minimal info and urges password rotation, pruning contacts, and fast responses to alerts.

Binance’s newly appointed co-CEO Yi He revealed that her WeChat account had been hijacked after an old mobile number tied to the account was seized and reused — a reminder of how vulnerable Web2 communication platforms remain for high-profile crypto leaders.

Yi He stated on X that she had abandoned WeChat long ago, and the phone number linked to the account was reassigned, making recovery initially impossible. Binance later confirmed that the company worked directly with WeChat’s security team to restore access.

Source: Ti He and Justin Sun on X

Following the breach, blockchain analytics platform Lookonchain reported that attackers used the compromised account to promote a token called Mubarakah, pumping the price and allegedly profiting roughly $55,000. The timing of the attack was notable, coming just days after Yi He was officially elevated to co-CEO, a move Binance CEO Richard Teng described as a natural evolution in leadership.

This incident isn’t isolated. In late November, Tron founder Justin Sun experienced a similar WeChat compromise, prompting him to notify users that he was attempting to regain control. These repeated attacks highlight a worrying trend: legacy platforms such as WeChat remain prime targets because of phone-number-linked login systems and long dormancy periods for unused accounts.

Security researcher and SlowMist founder Yu Xuan reposted guidance explaining how shockingly easy these takeovers can be. His analysis showed that if attackers possess leaked login data, they may only need to contact two “frequent contacts” to confirm the takeover — even if those contacts were never directly messaged.

China’s system of reissuing inactive mobile numbers after just three months significantly increases the risk. Attackers can abuse SIM-linked account recovery, credential stuffing, and social engineering to seize dormant accounts tied to reissued numbers.

Yu Xuan urged high-profile crypto figures — especially those who communicate with OTC traders, wallet services, or sensitive counterparties — to:

  • Avoid casually adding unknown contacts
  • Regularly rotate passwords
  • Act immediately on suspicious login alerts

Binance co-founder Changpeng Zhao (CZ) also commented that he hasn’t used WeChat in years and reminded users that he would never promote memecoin contract addresses from the platform — an important warning given the rise of impersonation scams.The episode echoes a similar compromise earlier this year, when the BNB Chain official X account was hacked and used to post phishing links. Roughly $8,000 was stolen before Binance reimbursed affected users — underscoring how Web2 security remains a critical weak point even for the largest crypto organizations.

You May Also Like

Monad Co-Founder Warns of Telegram Ad Scam Ahead of Airdrop

Meta Maven

Companies Weigh In as UK Prepares to Reverse Crypto ETNs Ban

BlockScout

Crypto Debanking Persists in US Despite Trump’s Pro-Crypto Push

BlockScout
You have not selected any currencies to display