In a stark reminder of the persistent security threats targeting high-profile figures in the crypto industry, Binance's newly appointed co-CEO and co-founder, Yi He, had her WeChat account hijacked after an old, associated mobile number was reassigned and seized by attackers.

The Attack and Its Aftermath
Yi He announced the breach on X, stating, "WeChat was abandoned long ago, and the phone number was seized for use. It cannot be recovered at present." According to blockchain analytics firm Lookonchain, the attackers used the compromised account to promote a token called Mubarakah, netting approximately $55,000 in a classic pump-and-dump scheme.

• Account Recovery: A Binance spokesperson confirmed that the company worked with WeChat's security team and has successfully restored access to the account.

The Vulnerable Attack Vector: Recycled Phone Numbers & Social Engineering
This incident follows a similar attack on Tron founder Justin Sun's WeChat account in November. SlowMist founder Yu Xuan re-shared an analysis highlighting the surprisingly low barrier for such takeovers in China's mobile ecosystem:

1. Recycled Numbers: Carriers typically reissue phone numbers three months after an account is canceled. An attacker can acquire an old number linked to a target's account.
2. Social Engineering Recovery: WeChat's account recovery can sometimes be triggered by contacting two "frequent contacts"—which may include casual connections or group chat members—allowing an attacker to reset credentials.
3. Credential Stuffing: Leaked passwords from other breaches can be tested against the WeChat account.

Industry Response and Security Recommendations

• SlowMist's Advice: High-profile individuals should avoid casually adding unknown contacts, rotate passwords regularly, and respond immediately to login alerts.
• Changpeng Zhao's Warning: The Binance co-founder stated he also hasn't used his WeChat account for a long time and would never promote memecoin contracts there, urging users to stay vigilant.

Broader Context: A Pattern of Social Media Compromises
This is not an isolated incident. Only months ago, in October 2024, the official X account of BNB Chain was compromised, leading to phishing posts and $8,000 in user losses (later reimbursed). These events underscore that centralized social platforms and communication tools (Web2) remain critical vulnerabilities for the decentralized finance (Web3) world.

The Bottom Line:
The hijacking of Yi He's account—days after her high-profile promotion—exposes a systemic security weakness at the intersection of traditional telecom systems, social media, and the crypto industry. It highlights that digital identity and account recovery mechanisms are prime targets for scammers aiming to exploit the trust and influence of industry leaders. For the crypto community, it's a critical reminder: verify all promotional messages through official channels, enable the highest possible security settings (like hardware 2FA), and be inherently skeptical of "too good to be true" offers—even when they appear to come from a trusted name.