БиржаDEX+

Купить крипто Рынки Спотовая Фьючерсы500X Сбережения Мероприятия

Еще

Розыгрыш золотого слитка и BTC2000g

Binance Co-CEO Yi He’s WeChat Account Compromised: A Wake-Up Call for Web2 Security Risks in Crypto

#Другие

MOBILE$0.000258-4.47%

2025/12/10 17:29

Key Takeaways

Binance Co-Founder and newly appointed Co-CEO Yi He revealed that her WeChat account was hijacked after an old mobile number tied to the account was reassigned by a telecom provider.
Hackers used the compromised account to promote a token named Mubarakah, reportedly profiting around $55,000.
The incident comes weeks after Justin Sun also reported his WeChat account being hacked.
SlowMist’s founder warns that WeChat account takeovers require alarmingly low effort, especially with leaked passwords and recycled phone numbers.
CZ reminds users that he does not use WeChat and will never promote any meme coin contracts through that platform.
A series of recent account compromises, including the BNB Chain official X account, highlight the growing need for stronger Web2 security among crypto leaders.

Overview of the Incident

Binance Co-Founder and Co-CEO Yi He announced on X that her WeChat account was recently compromised. The breach occurred because an old mobile number tied to the account had been recycled and reassigned, allowing an attacker to take full control.

Yi He stated that the WeChat account had been inactive for a long time and is now completely unrecoverable due to the reassigned phone number.

Hacker Promotes Token to Generate Profit

Blockchain analytics platform Lookonchain reported that the attacker used the compromised WeChat account to shill a token called Mubarakah, which saw a short-term price spike.The hacker is estimated to have gained approximately $55,000 from the scheme.

The attack took place only days after Binance CEO Richard Teng announced Yi He’s promotion to Co-CEO, describing the leadership change as a “natural evolution.”

The Incident Follows a Similar Attack on Justin Sun

Earlier in November, Tron founder Justin Sun also reported that his WeChat account had been taken over by unknown actors.

He stated on X that he had reached out to WeChat’s support team in an attempt to recover the account.

The two incidents happening so close together highlight a broader issue: Web2 platforms remain a weak link for high-profile figures in crypto, even as Web3 security continues to advance.

SlowMist Founder Explains Why WeChat Hijacking Is So Easy

SlowMist founder Yu Xuan reshared a technical breakdown explaining the mechanics of WeChat account takeovers—and why the barrier to entry is surprisingly low.

Account Takeover Requires Only Minimal Verification

According to Yu Xuan’s testing:

If attackers obtain leaked login credentials,
They only need verification from two "frequently contacted" accounts, which may simply be users who interacted in group chats—even without any direct messaging history.

This makes the entire attack flow extremely accessible to cybercriminals.

Recycled Phone Numbers Are a Major Risk

In China, telecom providers typically reassign unused numbers after three months, meaning:

Previously linked WeChat or payment accounts
Weak or reused passwords
Credential stuffing attacks
SIM swap abuse
Social engineering

…become significantly more effective paths for compromise.

SlowMist’s Security Recommendations

Yu Xuan advises crypto executives and OTC traders to:

Avoid adding unknown contacts casually
Rotate passwords regularly
Respond immediately to login or security alerts
Diversify communication channels and avoid over-reliance on any single Web2 app

CZ Responds—“I Do Not Promote Meme Coins on WeChat”

Binance Co-Founder CZ also commented on X, clarifying that he has not used WeChat for a long time. He emphasized that he would never promote:

Meme coins
Contract addresses
Investment opportunities

…through that platform, urging users to stay vigilant against impersonation schemes.

Part of a Larger Trend: BNB Chain’s X Account Was Also Hacked

Yi He’s case is not an isolated incident. Just months earlier, the official BNB Chain X account was compromised on October 1. Hackers posted phishing links that resulted in roughly $8,000 in user losses. BNB Chain later confirmed that all impacted users were fully reimbursed.

Web2 Vulnerabilities Pose Real Threats to Web3 Leaders

As crypto remains heavily tied to Web2 communication channels (WeChat, X, Telegram), these platforms become attack vectors that can:

Manipulate token prices
Mislead large user groups
Damage brand credibility
Facilitate phishing or fund theft

In other words, Web2 account compromise is becoming a major cybersecurity risk for the crypto industry.

Conclusion: Crypto Leaders Need Stronger Multi-Layer Security

The series of recent security breaches illustrates a harsh reality: Even as Web3 grows more secure, Web2 identity systems remain fragile, especially for high-profile figures.

To mitigate risks, industry leaders should consider:

Strict management of linked phone numbers
Multi-factor authentication (2FA)
Rapid-response security workflows
Separation of personal and professional communication channels
Regular password updates and credential hygiene

With attackers increasingly targeting social platforms, security strategy must extend beyond wallets and blockchains to include all digital identities.

FAQs

Q1: Why are crypto executives frequently targeted by hackers?

Their communication channels have large influence, allowing attackers to push scams, pump tokens, and deceive investors efficiently.

Q2: Does a recycled phone number automatically compromise a WeChat account?

Not automatically, but it significantly increases risk, especially when paired with leaked credentials or weak passwords.

Q3: Are Web2 account breaches connected to on-chain losses?

Indirectly. While wallet keys remain safe, impersonation attacks through compromised accounts can lead to large-scale phishing and financial loss.

Q4: What security measures should high-profile crypto figures adopt?

Password rotation, 2FA, reduced exposure of personal accounts, and multi-channel verification for sensitive communications.

Q5: Should crypto companies move away from Web2 platforms entirely?

Complete separation is unrealistic. Instead, companies should adopt layered security, official verification frameworks, and clear communication standards.

Возможности рынка

Helium Mobile Курс (MOBILE)

$0.000258

$0.000258$0.000258

+2.34%

USD

График цены Helium Mobile (MOBILE) в реальном времени

Описание: Криптопульс использует возможности ИИ и открытые источники, чтобы мгновенно сообщать вам о самых актуальных трендах токенов. За экспертной аналитикой и подробной информацией перейдите на MEXC Обучение.

Статьи, размещенные на данной странице, получены из открытых источников и предоставлены исключительно в информационных целях. Они не обязательно отражают точку зрения MEXC. Все права принадлежат их первоначальным авторам. Если вы считаете, что какой-либо материал нарушает права третьих лиц, пожалуйста, свяжитесь с нами по адресу service@support.mexc.com для его оперативного удаления.

MEXC не гарантирует точность, полноту или актуальность представленного контента и не несет ответственности за любые действия, предпринятые на основе предоставленной информации. Содержимое не является финансовой, юридической или иной профессиональной консультацией и не должно рассматриваться как рекомендация или одобрение со стороны MEXC.