Binance Co-CEO Yi He’s WeChat Account Hacked to Push Memecoin MUBARA

Binance founder Changpeng Zhao said the WeChat account of newly appointed co-CEO Yi He was hacked late Tuesday and used to promote a little-known memecoin, turning the breach into a pump-and-dump scheme that briefly sent the asset surging on some decentralized exchanges.

Zhao said the attackers used the compromised account to circulate memecoin endorsements and urged users to ignore the messages.

“Web2 social media security is not that strong. Stay safu!” he wrote on X. “Do not buy meme coins from the hackers posts."

Yi He said she no longer uses WeChat and that the phone number tied to the account was taken over, preventing her from regaining access.

The hack comes less than a week after Binance elevated Yi He to co-CEO during the firm’s Blockchain Week event.

On-chain data shows the hack quickly shifted from a social-engineering breach to a trading exploit.

Analytics account Lookonchain identified two newly created wallets that accumulated roughly 21.16 million MUBARA tokens — a little-known memecoin on decentralized exchanges — by spending 19,479 USDT across PancakeSwap and related routes.

As the fake endorsement spread through WeChat channels, trading volume and price spiked sharply on Dexscreener charts.

The wallets then began offloading the position as fresh liquidity arrived.

According to Lookonchain, the attacker has already sold 11.95 million MUBARA for 43,520 USDT and still holds another 9.21 million tokens worth roughly $31,000, leaving profits near $55,000 with remaining inventory yet to be sold.

The sequence reflects a familiar exploit pattern of buying early, triggering retail demand through a compromised high-profile account, and sell into the surge. Late traders — reacting to what appeared to be an endorsement from a top Binance executive — were left exposed as the price reversed almost immediately once the selling began.

Binance has not issued a separate comment beyond the warnings from Zhao and Yi He.