Binance founder Changpeng Zhao said the WeChat account of newly appointed co-CEO Yi He was hacked late Tuesday and used to promote a little-known memecoin, turning the breach into a pump-and-dump scheme that briefly sent the asset surging on some decentralized exchanges.
Zhao said the attackers used the compromised account to circulate memecoin credentials and urged users to ignore the messages.
“Social media security on Web2 is not that strong. Be safe!” he wrote on X. “Don’t buy meme coins from hacker’s posts.”
Loading…
Yi He said she no longer uses WeChat and that the phone number associated with the account was taken over, preventing her from regaining access.
The hack comes less than a week after Binance elevated Yi He to co-CEO during the firm’s Blockchain Week event.
On-chain data shows that the hack quickly transitioned from a social engineering breach to a trading exploit.
Analytics account Lookonchain identified two newly created wallets that accumulated around 21.16 million MUBARA tokens – a little-known memecoin on decentralized exchanges – by spending 19,479 USDT on PancakeSwap and related routes.
As the fake endorsement spread through WeChat channels, trading volume and price surged on Dexscreener charts.
The wallets then started offloading the position as fresh liquidity arrived.
According to Lookonchain, the attacker has already sold 11.95 million MUBARA for 43,520 USDT and still has another 9.21 million tokens worth about $31,000, leaving a profit close to $55,000 with remaining inventory yet to be sold.
The sequence reflects a familiar exploitation pattern of buying early, triggering retail demand through a compromised high profile account and selling into the rise. Late traders — who were reacting to what appeared to be an endorsement from a top executive at Binance — were left exposed as the price reversed almost immediately as the sell-off began.
Binance has not issued a separate comment beyond the warnings from Zhao and Yi He.
