Account Breach Triggered a Manipulation Wave

The hacked account was used to distribute a fake endorsement that instantly boosted visibility for a low-liquidity token. The attacker created two fresh wallets and accumulated millions of MUBARA tokens at low prices, indicating a pre-planned operation. The fabricated signal then pushed retail traders into rapid buying, speeding up the price rally.

Such attacks often rely on exploiting a trusted figure’s account. Manipulative content spread through social platforms can cause severe volatility, especially in the meme coin segment.

Yi He stated that she no longer uses WeChat and that the phone number linked to the account had been compromised. She explained that she was unable to regain access, revealing that the attack targeted a communication vulnerability.

On-Chain Data Clarified the Attack’s Structure

Analytics platforms showed that the attacker accumulated about 21.16 million MUBARA tokens using roughly 19,479 USDT. The rapid price spike that followed these purchases reflected the onset of a coordinated manipulation flow. As new liquidity entered the market, the attacker’s wallets began offloading their positions and selling into the rising price.

Blockchain traces confirmed that the incident involved a hybrid mechanism combining social-engineering and trading manipulation. The entire process unfolded within minutes, exposing the fragility of low-liquidity assets.

Lookonchain’s data shows that the attacker has already realized a significant portion of the profit. Approximately 11.95 million MUBARA were sold for 43,520 USDT. The wallet still holds around 9.21 million tokens worth nearly 31,000 dollars. With the remaining unsold supply, the total profit is estimated to be close to 55,000 dollars.

Someone hacked @heyibinance's WeChat account, and posted about $Mubarakah, sending the token's price soaring. @cz_binance

The hacker created 2 new wallets(0x6739 and 0xD0B8) ~7 hours ago and spent 19,479 $USDT to buy 21.16M $Mubarakah.

After the pump, the hacker has already… pic.twitter.com/39ncDQjgSe

— Lookonchain (@lookonchain) December 10, 2025

Warnings Issued After the Incident

Changpeng Zhao confirmed the breach and urged users to ignore fraudulent promotions. He emphasized once again that Web2 platforms lack strong security infrastructures. His call highlighted the importance of relying only on verified announcements from official sources.

“Someone hacked @heyibinance’s WeChat account. Do not buy meme coins from the hackers’ posts. Web2 social media security is not that strong. Stay safe.”

The event showed how quickly investors can be exposed to major risks when reacting to sudden price movements. The meme coin market remains one of the most vulnerable areas for manipulation.

This incident illustrates a new attack model combining social-engineering and rapid buy-sell exploitation.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post CZ Warns Users as Yi He Hack Fuels Sudden Meme Coin Rally appeared first on Coin Engineer.

The attackers demanded 40 BTC (approximately $4.3 million) from Gokal. Their posts included statements such as: “You should have paid 40 BTC” and “It was only 40 BTC… you should have paid.” Following these threats, the hackers posted a photo of Gokal holding his passport, his personal contact details, and images of an unidentified woman.  

Security Alarm in the Solana Ecosystem  

Additionally, they changed Migos’ Instagram bio. They promoted a new meme coin and shared links directing users to various Telegram groups. Security experts believe these groups aim to scam users with fake investment promises. Instagram removed the posts after about 90 minutes, but the content had already reached millions.  

Blockchain researcher ZachXBT revealed details of the attack on social media:  

“They targeted Gokal’s personal accounts. Using the information they gathered, they tried to extort money from him. It seems when he didn’t pay, they started exposing him. Today, they took over Migos’ account to spread this content.”  

Meanwhile, The Rollup co-founder Andy claimed that a Solana wallet balance belonging to a person named “Arvind” was also leaked in the posts. However, this person’s identity remains unclear.  

JUST IN: Hackers compromised rapper Migos’ Instagram account to leak Solana co-founder @rajgokal's passport, ID, and family pictures.

The materials appear to be KYC images, raising questions about whether the source may be linked to recent @coinbase data breach.

The caption… pic.twitter.com/wKEVKP1dFi

— SolanaFloor (@SolanaFloor) May 27, 2025

Gokal had warned his followers on X (formerly Twitter) days before the attack:  

“They tried to take over my email, social media, Google, and Apple accounts. If you see any suspicious posts about token launches or fundraising, know that it’s not me. Please be cautious.”  

The Solana (SOL) Foundation also issued an official statement regarding the incident:  

“This attack targeted Raj Gokal’s personal security. The Solana network and its projects were not affected. However, this event reminds everyone operating in the digital asset space to review their security.”  

The foundation also issued warnings to the community, emphasizing that users should trust only announcements from official channels. Additionally, they recommended basic security measures such as two-factor authentication, strong passwords, and regular account checks.  

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post 40 BTC demanded from Solana founder: Instagram Hack Scandal appeared first on Coin Engineer.