Binance reels as Yi He’s hacked WeChat triggers sudden memecoin frenzy

• A hacked WeChat account linked to Binance’s Yi He triggered a brief memecoin surge.
• MUBARA spiked 8x before crashing as attackers sold early, profiting about $55,000.
• Incident exposes risks of dormant web 2 accounts still influencing crypto markets.

A dormant WeChat account linked to Binance co-CEO Yi He was hijacked on 9 December, setting off a rapid memecoin spike that caught traders off guard and briefly reshaped activity on BNB Chain.

The compromised account was used to promote a little-known token called MUBARA, drawing in traders who assumed the posts came from a credible source.

Within minutes, the token’s price surged before collapsing, revealing how outdated social accounts can still influence crypto markets when tied to a senior industry figure.

Hacked WeChat posts fuel instant market reaction

The incident began when scammers took control of Yi He’s old WeChat account, which was tied to an inactive phone number.

Late on 9 December, the hijacked account started circulating posts portraying MUBARA, also known as Mubarakah, as a token with strong potential.

Because many of the account’s contacts remain active in China’s crypto circles, the messages spread quickly and triggered sudden trading activity.

Lookonchain later traced on-chain movements linked to the scheme, identifying two wallets that bought about 21.16 million MUBARA for 19,479 USDT roughly seven hours before the posts appeared.

Once the messages started circulating, MUBARA jumped from around $0.001 to $0.008 within minutes.

The token’s temporary value reached about $8 million as traders rushed into decentralised exchanges on BNB Chain.

Early buyers cash out as traders join the frenzy

As liquidity strengthened, the two wallets began selling into the spike.

By the morning of 10 December, the attackers had sold 11.95 million tokens for 43,520 USDT.

They still held about 9.21 million tokens valued near $31,000.

Early estimates place their profit at around $55,000, with unsold holdings leaving room for additional gains.

The token fell more than 60% once the selling started.

Several KOLs on X flagged wallet movements that suggested some traders may have acted moments before the WeChat posts went live, drawing attention to how closely the activity resembled a coordinated pump-and-dump.

Binance leaders warn users after breach

Binance founder Chang Peng Zhao told users to ignore all messages from the compromised account and highlighted persistent weaknesses in web2 platforms that have limited recovery options for older accounts.

Yi He confirmed the breach, noting that the account had been abandoned and cannot be retrieved. She urged users to avoid any token promotions linked to it.

The episode underscores how attackers can exploit legacy communication channels that still hold influence in specific trading communities.

WeChat remains widely used among crypto participants in China, meaning even dormant accounts can act as catalysts for misinformation that moves markets.

Market impact raises broader security concerns

The speed of the price swing revealed how quickly misinformation can affect micro-cap tokens in an environment where traders respond to signals within seconds.

The MUBARA surge and collapse highlighted gaps between user behaviour, platform security, and the decentralised markets that react instantly to new information.

For Binance’s global user base, the event serves as a reminder that reputation-linked accounts, even inactive ones, remain valuable targets for manipulation attempts.

As platforms assess the fallout, discussions are turning to how crypto communities can better handle vulnerabilities created by older communication tools.