SlowMist’s Yu Xuan advised high-profile users to prune contacts, rotate passwords and act fast on alerts to reduce WeChat takeover risks.
News
Update Dec. 10, 9:30 am UTC: This article has been updated to add comments from a Binance spokesperson.
Newly appointed Binance co-CEO and co-founder Yi He said on X that her WeChat account was hijacked after an old mobile number was taken, highlighting how Web2 messaging platforms can be used to impersonate crypto executives.
“WeChat was abandoned long ago, and the phone number was seized for use. It cannot be recovered at present,” she in a translated X post.
The account has since been restored. A Binance spokesperson told Cointelegraph that the company worked closely with WeChat’s security team to recover access. “The account has now been successfully restored,” the spokesperson said.
Blockchain analytics firm Lookonchain that after the hack, the attackers promoted a token called Mubarakah, pumping the price. The platform claimed that the attackers netted $55,000 with the scheme.
The attack comes days after the Binance co-founder was of the crypto exchange platform. Binance CEO Richard Teng announced the news at Binance Blockchain Week in Dubai, calling it a “natural progression.”
SlowMist founder outlines how to avoid the attack vector
This follows a previous WeChat compromise in November, which involved Tron founder Justin Sun. On Nov. 30, Sun posted on X that his account was hacked and that he had contacted the platform to try to get the account back.
After the most recent attack, SlowMist founder Yu Xuan re-published a breakdown on how WeChat account takeovers may occur, warning that the barrier to attacks can be surprisingly low.
to his test, an attacker who already has access to leaked login credentials could seize control of an account by contacting two “frequent contacts.”
He said that this might include people who were never directly messaged and merely added as friends or interacted with briefly in a shared group.
In China, carriers typically mobile numbers to the market three months after users cancel their accounts.
This system, where inactive SIM-linked accounts can be reclaimed or reassigned, creates openings for credential stuffing, SIM-linked recovery abuse and targeted social engineering.
The SlowMist founder urged users, especially high-profile figures who handle over-the-counter (OTC) traders or wallet-related discussions, to avoid adding unknown contacts casually. He also recommended rotating passwords and responding quickly to login alerts.
Related:
CZ warned that he would not promote memecoin contracts
Binance co-founder Changpeng Zhao said on X that he also has not used his WeChat account for a long time.
Zhao warned that he would not promote any memecoin contract addresses on this account, giving users a quick reminder to stay safe amid growing threats.
The incident comes only months after BNB Chain’s official X account was compromised. On Oct. 1, hackers took over and on the official social media of the blockchain network.
BNB Chain previously told Cointelegraph that 10 links were posted and that $8,000 in user funds were lost. The company said that all affected users had been fully reimbursed.
Magazine:
