Binance co-founder He Yi recently encountered a typical incident of "celebrity account hacking and pump-and-dump".
The hacker first applied for a replacement phone number through an old mobile number that had long been discontinued, successfully taking over the WeChat account linked to that number and logging into He Yi's account. After gaining control, the hacker posted in her Moments, recommending a MEME coin called Mubarakah, and directly shared the contract address (CA), creating an atmosphere of "He Yi personally endorsing this shitcoin today", guiding fans and crypto users into a FOMO frenzy.
Prior to this, the hacker had already set up two newly created wallets, investing a total of about 19,000 U, and bought over 20 million Mubarakah at a low price. Following the on-chain purchases, the token price surged rapidly, with its market cap once reaching several million dollars. During the peak of the frenzy, the hacker successively sold about 10 million tokens, cashing out over 40,000 U, while still retaining some chips. Combining both sold and unsold portions, this operation made approximately 55,000 U in profit.
Many people find it strange: having hacked the account of a Binance executive, how could they "only" make over 50,000 U? This is actually related to several real-world limitations. First, Mubarakah itself is a niche MEME coin with very shallow liquidity; if the hacker had initially invested hundreds of thousands or millions of U, they would have pushed the price up excessively when buying and would subsequently crash the price when trying to sell, making it difficult to actually secure profits. Secondly, the incident was exposed very quickly; CZ and He Yi themselves clarified that the WeChat was hacked early on, and the media and on-chain analysis accounts quickly followed up, leaving the hacker with very limited time to harvest safely, thus they could only lock in profits as quickly as possible within a limited window. The wallets actually involved in the ambush might be more; the 55,000 U seen by the outside world is likely just the tip of the iceberg of the entire team's earnings.
In summary, the hacker exploited social account vulnerabilities, combined with celebrity effect and MEME sentiment, to complete a highly risky but also rewarding harvesting operation in a short period of time. For us, the most practical lesson is: when encountering a situation where a "big shot suddenly endorses a shitcoin and directly releases a CA", one should first think of the risks, be skeptical, and act later, rather than rushing in blindly as the last one to act.
$Mubarakah
