RateMyWallets
Published on December 10th, 2025By The RateMyWallets Team

Binance Co-CEO’s WeChat Compromised: The Hidden Danger of Recycled Phone Numbers

SecuritySocial EngineeringScamsSelf Custody
Header image for Binance Co-CEO’s WeChat Compromised: The Hidden Danger of Recycled Phone Numbers

The Anatomy of the Breach

The compromise of Yi He's WeChat account was not the result of a complex cryptographic exploit, but rather a flaw in traditional telecommunications policy: phone number recycling. According to reports, the attackers gained control of the Binance executive's account by acquiring a phone number that had been reassigned by the telecom provider after a period of dormancy. This 'SIM recycling' vulnerability allowed the hackers to bypass authentication protocols and hijack the identity of one of the crypto industry's most influential figures.

This incident mirrors a recent compromise involving Tron founder Justin Sun, suggesting a targeted campaign exploiting this specific vector against high-profile crypto personalities. Once inside the account, the perpetrators wasted no time in leveraging Yi He's reputation for financial gain.

The 'Mubarakah' Pump-and-Dump

Following the account takeover, the hackers promoted a meme token dubbed 'Mubarakah' (MUBARA) on the BNB Chain. Posing as the Co-CEO, they urged followers to invest, triggering a rapid influx of capital.

Blockchain forensics firm Lookonchain provided a detailed post-mortem of the financial movements. Their analysis revealed that the attackers had pre-positioned themselves by spending approximately $19,479 to acquire MUBARA tokens before launching the promotional campaign. As unsuspecting investors flooded in, driving the price up, the scammers liquidated their holdings.

Binance co-founder Changpeng Zhao (CZ) publicly confirmed the hack, issuing an urgent warning to the community to avoid the token. Despite the swift clarification, the damage was done; the scammers walked away with approximately $55,000 in profits, leaving followers holding the bag.

The Web2 Vulnerability in a Web3 World

The incident underscores a critical security gap: the reliance on mobile phone numbers as a root of trust. Telecom providers routinely recycle inactive numbers, creating a backdoor for identity theft that Two-Factor Authentication (2FA) via SMS cannot prevent if the attacker owns the SIM. For crypto investors, this reinforces the danger of trusting investment advice solely based on the verified status of a social media account.

The Lesson: Phone Numbers Are Weak Points

This attack targeted a celebrity, but the risk applies to everyone. Phone verification is a single point of failure. To stop theft and social engineering, you need self-custody and physical security.