Binance founder Changpeng Zhao said new co-CEO Yi He’s WeChat account was hacked Tuesday night and used to promote a little-known memecoin, turning the breach into a pump-and-dump scheme that briefly drove the asset higher on some decentralized exchanges.
Zhao said the attackers used the compromised account to spread memecoin mentions and urged users to ignore the messages.
“Web2 social media security is not that strong. Stay safe!” he wrote on X. “Don’t buy meme coins on hacker posts.”
Loading…
Yi He said she no longer used WeChat and the phone number linked to the account had been taken away, preventing her from regaining access.
The hack comes less than a week after Binance elevated Yi He to co-CEO during the company’s Blockchain Week event.
On-chain data shows that the hack quickly evolved from a social engineering violation to a commercial exploit.
Analytics account Lookonchain identified two newly minted wallets that accumulated approximately 21.16 million MUBARA tokens – a little-known memecoin on decentralized exchanges – by spending 19,479 USDT on PancakeSwap and associated routes.
As the fake endorsement spread via WeChat channels, trading volume and prices increased sharply on Dexscreener charts.
Wallets then began to shed their positions as new liquidity arrived.
According to Lookonchain, the attacker has already sold 11.95 million MUBARA for 43,520 USDT and still holds another 9.21 million tokens worth around $31,000, leaving profits close to $55,000 with the remaining inventory to sell.
The sequence reflects a familiar operating pattern of buying early, triggering retail demand via a compromised high-level account, and selling on the surge. The remaining traders – reacting to what appeared to be an endorsement from a top Binance executive – were exposed as the price reversed almost immediately once the selling began.
Binance did not issue a separate comment beyond Zhao and Yi He’s warnings.
