Update Dec. 10, 9:30 am UTC: This article has been revised to include comments from a Binance representative.
Newly appointed Binance co-CEO and co-founder Yi He announced on X that her WeChat account was compromised after an old mobile number was taken, emphasizing how Web2 messaging platforms can be exploited to mimic crypto executives.
“WeChat was abandoned long ago, and the phone number was seized for use. It is currently unrecoverable,” she stated in a translated post on X.
The account has since been restored. A Binance spokesperson informed Cointelegraph that the firm collaborated closely with WeChat’s security team to regain access. “The account has now been successfully restored,” the spokesperson remarked.
Blockchain analytics firm Lookonchain noted that following the breach, the attackers promoted a token named Mubarakah, resulting in price inflation. The platform asserted that the attackers garnered $55,000 from the scheme.
The incident occurred just days after the Binance co-founder was named co-CEO of the cryptocurrency exchange platform. Binance CEO Richard Teng announced this at Binance Blockchain Week in Dubai, describing it as a “natural progression.”
SlowMist founder explains how to mitigate the attack vector
This incident follows a prior WeChat breach in November involving Tron founder Justin Sun. On Nov. 30, Sun disclosed on X that his account had been hacked and that he had reached out to the platform for account recovery assistance.
In the wake of the recent attack, SlowMist founder Yu Xuan re-shared insights on how WeChat account takeovers can occur, cautioning that the barriers to committing such attacks can be surprisingly low.
According to his investigation, an attacker who possesses leaked login credentials could take control of an account by contacting two “frequent contacts.”
He specified that this might include individuals who were never directly messaged but were added as friends or interacted with minimally in a shared group.
In China, mobile carriers typically reissue mobile numbers to the market three months after users cancel their accounts.
This practice, where inactive SIM-linked accounts can be cleared or reallocated, paves the way for credential stuffing, SIM-linked recovery exploitation, and targeted social engineering.
Yu Xuan advised users, particularly notable figures who engage with over-the-counter (OTC) traders or wallet-related discussions, to avoid adding unfamiliar contacts casually. He also suggested changing passwords regularly and responding swiftly to login alerts.
Related: South Korea to impose bank-level liability on crypto exchanges after Upbit hack: Report
CZ cautioned against promoting memecoin contracts
Binance co-founder Changpeng Zhao mentioned on X that he, too, has not utilized his WeChat account for an extended period.
Zhao cautioned that he would not endorse any memecoin contract addresses on this account, serving as a prompt for users to prioritize safety amid escalating threats.
The event follows just months after BNB Chain’s official X account was breached. On Oct. 1, hackers orchestrated a takeover and began posting phishing links on the blockchain network’s official social media.
BNB Chain previously informed Cointelegraph that ten links were shared and that $8,000 in user funds were lost. The company assured that all affected users had been fully compensated.
Magazine: Quantum attacking Bitcoin would be a waste of time: Kevin O’Leary
