Binance Co-CEO Yi He’s WeChat Account Compromised: A Wake-Up Call for Web2 Security Risks in Crypto
共有
Key Takeaways
- Binance Co-Founder and newly appointed Co-CEO Yi He revealed that her WeChat account was hijacked after an old mobile number tied to the account was reassigned by a telecom provider.
- Hackers used the compromised account to promote a token named Mubarakah, reportedly profiting around $55,000.
- The incident comes weeks after Justin Sun also reported his WeChat account being hacked.
- SlowMist’s founder warns that WeChat account takeovers require alarmingly low effort, especially with leaked passwords and recycled phone numbers.
- CZ reminds users that he does not use WeChat and will never promote any meme coin contracts through that platform.
- A series of recent account compromises, including the BNB Chain official X account, highlight the growing need for stronger Web2 security among crypto leaders.
Overview of the Incident
Binance Co-Founder and Co-CEO Yi He announced on X that her WeChat account was recently compromised. The breach occurred because an old mobile number tied to the account had been recycled and reassigned, allowing an attacker to take full control.
Yi He stated that the WeChat account had been inactive for a long time and is now completely unrecoverable due to the reassigned phone number.
Hacker Promotes Token to Generate Profit
Blockchain analytics platform Lookonchain reported that the attacker used the compromised WeChat account to shill a token called Mubarakah, which saw a short-term price spike.The hacker is estimated to have gained approximately $55,000 from the scheme.
The attack took place only days after Binance CEO Richard Teng announced Yi He’s promotion to Co-CEO, describing the leadership change as a “natural evolution.”
The Incident Follows a Similar Attack on Justin Sun
Earlier in November, Tron founder Justin Sun also reported that his WeChat account had been taken over by unknown actors.
He stated on X that he had reached out to WeChat’s support team in an attempt to recover the account.
The two incidents happening so close together highlight a broader issue: Web2 platforms remain a weak link for high-profile figures in crypto, even as Web3 security continues to advance.
SlowMist Founder Explains Why WeChat Hijacking Is So Easy
SlowMist founder Yu Xuan reshared a technical breakdown explaining the mechanics of WeChat account takeovers—and why the barrier to entry is surprisingly low.
Account Takeover Requires Only Minimal Verification
According to Yu Xuan’s testing:
- If attackers obtain leaked login credentials,
- They only need verification from two "frequently contacted" accounts, which may simply be users who interacted in group chats—even without any direct messaging history.
This makes the entire attack flow extremely accessible to cybercriminals.
Recycled Phone Numbers Are a Major Risk
In China, telecom providers typically reassign unused numbers after three months, meaning:
- Previously linked WeChat or payment accounts
- Weak or reused passwords
- Credential stuffing attacks
- SIM swap abuse
- Social engineering
…become significantly more effective paths for compromise.
SlowMist’s Security Recommendations
Yu Xuan advises crypto executives and OTC traders to:
- Avoid adding unknown contacts casually
- Rotate passwords regularly
- Respond immediately to login or security alerts
- Diversify communication channels and avoid over-reliance on any single Web2 app
CZ Responds—“I Do Not Promote Meme Coins on WeChat”
Binance Co-Founder CZ also commented on X, clarifying that he has not used WeChat for a long time. He emphasized that he would never promote:
- Meme coins
- Contract addresses
- Investment opportunities
…through that platform, urging users to stay vigilant against impersonation schemes.
Part of a Larger Trend: BNB Chain’s X Account Was Also Hacked
Yi He’s case is not an isolated incident. Just months earlier, the official BNB Chain X account was compromised on October 1. Hackers posted phishing links that resulted in roughly $8,000 in user losses. BNB Chain later confirmed that all impacted users were fully reimbursed.
Web2 Vulnerabilities Pose Real Threats to Web3 Leaders
As crypto remains heavily tied to Web2 communication channels (WeChat, X, Telegram), these platforms become attack vectors that can:
- Manipulate token prices
- Mislead large user groups
- Damage brand credibility
- Facilitate phishing or fund theft
In other words, Web2 account compromise is becoming a major cybersecurity risk for the crypto industry.
Conclusion: Crypto Leaders Need Stronger Multi-Layer Security
The series of recent security breaches illustrates a harsh reality: Even as Web3 grows more secure, Web2 identity systems remain fragile, especially for high-profile figures.
To mitigate risks, industry leaders should consider:
- Strict management of linked phone numbers
- Multi-factor authentication (2FA)
- Rapid-response security workflows
- Separation of personal and professional communication channels
- Regular password updates and credential hygiene
With attackers increasingly targeting social platforms, security strategy must extend beyond wallets and blockchains to include all digital identities.
FAQs
Q1: Why are crypto executives frequently targeted by hackers?
Their communication channels have large influence, allowing attackers to push scams, pump tokens, and deceive investors efficiently.
Q2: Does a recycled phone number automatically compromise a WeChat account?
Not automatically, but it significantly increases risk, especially when paired with leaked credentials or weak passwords.
Q3: Are Web2 account breaches connected to on-chain losses?
Indirectly. While wallet keys remain safe, impersonation attacks through compromised accounts can lead to large-scale phishing and financial loss.
Q4: What security measures should high-profile crypto figures adopt?
Password rotation, 2FA, reduced exposure of personal accounts, and multi-channel verification for sensitive communications.
Q5: Should crypto companies move away from Web2 platforms entirely?
Complete separation is unrealistic. Instead, companies should adopt layered security, official verification frameworks, and clear communication standards.
市場の機会
Helium Mobile価格(MOBILE)
$0.0002458
$0.0002458$0.0002458
USD
Helium Mobile (MOBILE) ライブ価格チャート
説明:暗号資産パルスは、AIと公開情報源を活用し、最新のトークントレンドを瞬時にお届けします。専門家の洞察と詳細な分析については、MEXC 学ぶ をご覧ください。
このページに掲載されている記事は、公開プラットフォームから引用したものであり、情報提供のみを目的としています。MEXCの見解を必ずしも反映するものではありません。すべての権利は原著者に帰属します。コンテンツが第三者の権利を侵害していると思われる場合は、service@support.mexc.com までご連絡ください。速やかに削除いたします。
MEXCは、いかなるコンテンツの正確性、完全性、または適時性についても保証するものではなく、提供された情報に基づいて行われたいかなる行動についても責任を負いません。本コンテンツは、財務、法律、またはその他の専門的なアドバイスを構成するものではなく、MEXCによる推奨または支持と解釈されるべきではありません。
Helium Mobile の最新情報
もっと見る
トランプをテーマにした暗号資産モバイルゲームが今年12月に登場:エキサイティングな詳細!
トランプをテーマにした暗号資産統合モバイルゲームの発売が決定 ドナルド・トランプを中心とした新しいモバイルアプリが年末までにApple App Storeに登場予定で、ゲームと暗号資産機能を組み合わせたものになる見込みです。Freedom 45 Gamesによって開発されたこのタイトルは、トランプの名前を使用する公式ライセンスを取得しており、[...]と提携しています。
2025/12/10
BilleaseがProTechパートナーシップを通じてアプリ内サービスを拡大
Billeaseは、InsurTechプロバイダーのProTech Devicesとのパートナーシップ強化に伴い、アプリ内ショッピング機能「Billease Deals」の拡張を発表しました。このアップデートにより、プラットフォームのカタログは当初の携帯電話の提供を超えて、より幅広い電子機器を含むようになりました。2025年12月10日にマニラで発表されたこの拡張により、ユーザーはラップトップ、タブレットなどを購入できるようになります。[...] 「Billease Expands In-App Offerings Through ProTech Partnership」の記事は、Fintech News Philippinesに最初に掲載されました。
2025/12/10
ChatGPT が席巻:OpenAI のアプリが 2025 年に Apple の第 1 位ダウンロードになった理由
ビットコインワールド ChatGPTが席巻:OpenAIのアプリが2025年にAppleの最もダウンロードされたアプリに モバイルテクノロジーの新時代を告げる驚くべき変化の中、OpenAIのChatGPTは2025年、米国でAppleの最もダウンロードされたアプリの座を獲得しました。この注目すべき成果は、AIアシスタントがソーシャルメディアの巨人や必須ユーティリティを上回り、人工知能がアメリカ人の交流方法を根本的に変えていることを示しています[…] この投稿「ChatGPTが席巻:OpenAIのアプリが2025年にAppleの最もダウンロードされたアプリに」は最初にビットコインワールドに掲載されました。
2025/12/10
ホット
現在、市場で大きな注目を集めているトレンドの暗号資産
暗号資産価格
取引高が最も多い暗号資産