Binance’s newly appointed co-CEO Yi He found herself at the center of an unexpected token frenzy after hackers took control of her old WeChat account on Dec. 9. The compromised profile — tied to an outdated phone number and no longer in active use — was suddenly revived to promote a little-known memecoin called MUBARA, triggering a classic pump-and-dump scheme across BNB Chain markets.
The posts, written to make MUBARA (also referred to as “Mubarakah”) look like a promising crypto gem, spread quickly among her contacts. Many of them operate in crypto-heavy circles, giving the messages immediate reach and sending curious traders scrambling to buy the token.
A coordinated setup
Blockchain analysts later revealed that this wasn’t a random scam—it was a coordinated move. According to on-chain data from Lookonchain, two newly created wallets quietly accumulated 21.16 million MUBARA for 19,479 USDT, roughly seven hours before the scam posts appeared on Yi He’s hijacked account.
Once the fake endorsements started spreading, MUBARA’s price skyrocketed from $0.001 to $0.008 within minutes, briefly pushing its market cap to $8 million. Trading volume surged on BNB Chain DEXs as opportunistic traders piled in, unaware of the manipulation behind the scenes.
The same wallets began offloading tokens once liquidity poured in. By early Dec. 10, the attackers had already sold 11.95 million tokens, cashing out around 43,520 USDT. They still hold 9.21 million MUBARA, currently valued at roughly $31,000. In total, the estimated profit from the scheme sits near $55,000, with potential upside if more tokens are sold.
After the sell-off began, MUBARA’s price collapsed more than 60%, leaving late buyers holding heavy losses. Several crypto influencers noted wallet activity that appeared to “front-run” the posts — suggesting some traders knew the pump was coming.
CZ and Yi He respond
Binance founder Changpeng “CZ” Zhao quickly stepped in to warn the community, urging users to completely disregard any WeChat messages appearing under Yi He’s name. He also used the incident to highlight how vulnerable major web2 platforms remain to account takeovers.
Yi He later confirmed that the compromised profile was an old, abandoned WeChat account that she no longer had access to. She stressed that no token promotions from that account should be trusted, emphasizing that the hack had nothing to do with Binance’s operations.
The incident is another reminder of how quickly misinformation — especially from a recognizable figure — can ripple through crypto markets. In regions where platforms like WeChat remain central to online communication and trading chatter, even an inactive account can become a dangerous weapon in the wrong hands.
Also Read: Bitcoin Wallets With 0.1 BTC See First Drop in Two Years
