Binance Exec’s WeChat Hacked in $55K Meme Coin Scam

According to blockchain analytics platform Lookonchain, the attack was meticulously planned. Hours before promotional posts appeared on Yi He’s compromised WeChat, the hacker created two new wallets and began accumulating MUBARA tokens via the decentralized exchange PancakeSwap. The attacker spent $19,479 to purchase 21.16 million MUBARA, which triggered an immediate and dramatic price rally. The token’s value skyrocketed from around $0.001 to $0.008 within minutes, inflating its market capitalization to approximately $8 million and spurring heavy trading activity on the BNB Chain.

Lookonchain’s on-chain data reveals the subsequent dump phase: the attacker sold 11.95 million of the accumulated MUBARA tokens for $43,520. They still hold a remaining 9.21 million tokens, valued at roughly $31,000, bringing their total estimated profit from the scheme to $55,000. MUBARA is a meme-based cryptocurrency that gained initial traction in early 2025 and was officially listed on Binance Alpha in March through the BNB Chain Launchpad platform Four Meme, a detail that may have lent false legitimacy to the fraudulent promotion.

This incident is not isolated. It represents the latest in a series of hacks targeting the WeChat accounts of prominent crypto figures, a trend distinguished by the repeated use of meme tokens to execute fraud. In a nearly identical case on November 30, the WeChat account of Tron founder Justin Sun was compromised and similarly used for promotional scams. The crypto community on platform X has begun describing these events as intense “hacker competitions” that are increasingly spilling from on-chain exploits into off-platform social engineering attacks.

Binance founder Changpeng Zhao (CZ) was the first to sound the alarm regarding Yi He’s account, urging users on X not to buy any meme coins promoted in the suspicious posts. “Web 2 social media security is not that strong. Stay safu!” CZ warned, highlighting the security gap between decentralized networks and centralized social platforms. He further commented on the worrying pattern, noting he hoped his own long-dormant WeChat profile wouldn’t be next and clarifying that he would never directly endorse meme coins on such a platform.

Following the hack, Yi He confirmed that she had not used the WeChat platform for some time and that the associated phone number had been taken over by the attackers. She has since reported successfully recovering her account through external verification and a password change. However, she cautioned that the threat has not fully dissipated, noting that the bad actors are “still lurking, exploiting feedback issues, and attempting to add her as a friend.” This indicates that account recovery does not necessarily end the harassment or the potential for future exploits.

The $55,000 MUBARA scam, while relatively small in scale compared to major exchange hacks, serves as a potent case study in hybrid crypto crime. It combines the technical on-chain execution of a pump-and-dump—traceable via platforms like Lookonchain—with the psychological manipulation enabled by hijacking a trusted executive’s social identity. As meme coins continue to attract speculative trading, the industry faces a dual challenge: securing blockchain protocols while also addressing the softer, human-centric security flaws in the social media channels where hype is generated and communities are built.