Binance Co-ceo Yi He Hit By Wechat Hack Amid Growing Web2 Risks For...

SlowMist’s Yu Xuan advised high-profile users to prune contacts, rotate passwords and act fast on alerts to reduce WeChat takeover risks.

Update Dec. 10, 9:30 am UTC: This article has been updated to add comments from a Binance spokesperson.

Newly appointed Binance co-CEO and co-founder Yi He said on X that her WeChat account was hijacked after an old mobile number was taken, highlighting how Web2 messaging platforms can be used to impersonate crypto executives.

“WeChat was abandoned long ago, and the phone number was seized for use. It cannot be recovered at present,” she said in a translated X post.

The account has since been restored. A Binance spokesperson told Cointelegraph that the company worked closely with WeChat’s security team to recover access. “The account has now been successfully restored,” the spokesperson said.

Blockchain analytics firm Lookonchain flagged that after the hack, the attackers promoted a token called Mubarakah, pumping the price. The platform claimed that the attackers netted $55,000 with the scheme.

The attack comes days after the Binance co-founder was appointed as the co-CEO of the crypto exchange platform. Binance CEO Richard Teng announced the news at Binance Blockchain Week in Dubai, calling it a “natural progression.”

This follows a previous WeChat compromise in November, which involved Tron founder Justin Sun. On Nov. 30, Sun posted on X that his account was hacked and that he had contacted the platform to try to get the account back.

After the most recent attack, SlowMist founder Yu Xuan re-published a breakdown on how WeChat account takeovers may occur, warning that the barrier to attacks can be surprisingly low.

According to his test, an attacker who already has access to leaked login credentials could seize control of an account by contacting two “frequent contacts.”

Source: CoinTelegraph