News
29 May 2026, 14:09
DxSale loses $7.3M in BNB Chain liquidity providers (LPs) hack

DxSale, a long-running token launch and liquidity locking platform widely used during the early BNB Chain memecoin boom, has suffered a major exploit that drained an estimated $7.3 million in liquidity provider (LP) funds. The incident affected more than 1,400 liquidity pools, according to on-chain tracking shared after the incident. The pools were spread across multiple older token projects, many of which had not seen active development or trading activity in years but still held locked liquidity inside DxSale contracts. Notably, the exploit did not appear to target a single token or project. Instead, it impacted a shared infrastructure layer used by hundreds of deployments, amplifying the scale of the losses. How the attack on the BNB Chain LPs happened On-chain analysis and investigator breakdowns from Tahax suggest the exploit was not sudden. Instead, it unfolded through a series of controlled administrative changes that occurred months before the actual drain. Roughly 269 days before the incident, the DxSale deployer reportedly transferred ownership of a key locker contract to a new wallet. The transition was not publicly announced, and no migration notice was issued to users or token teams relying on the system. Over time, ownership control did not remain static. The admin rights were reportedly moved through approximately 80 separate wallet transfers, each designed to obscure the trail of custody changes. These movements reduced visibility into who ultimately controlled the locker system while keeping administrative privileges intact. Two days before the exploit began, ownership was consolidated into a single wallet: 0xC4574DDEF299e7E563971e200433e592EeaaFA69 The wallet was newly created and reportedly funded through Bybit, with routing activity linked through cross-chain bridge infrastructure often used to obscure fund origins. Within hours of this consolidation, liquidity-draining activity began across hundreds of token pools. Technical execution of the drain A detailed breakdown from on-chain security analysts at Coinsult described the mechanism used to extract funds from the DxSale locker system. The attacking contract, deployed shortly before the incident, was unverified and built using Solidity 0.8.33. It functioned as a single orchestrator, allowing multiple actions to be executed within one transaction through self-calling logic. The execution sequence targeted the internal mechanics of the locker contract. First, the attacker triggered a function that reduced the locking fee to 1 wei, effectively removing cost barriers to modifying locked positions. This was followed by a second action that set the lock expiration timestamp to 68 seconds after the Unix epoch, effectively resetting the lock to a time that no longer protected deposited liquidity. After this, the fee parameter was raised to an extremely high value, approximately 1e29, which appears to have been used to disrupt normal contract interaction behaviour during execution. Once the internal state was modified, the attacker initiated repeated withdrawal calls that allowed tokens to be pulled from the locker. These funds were then converted into WBNB and BNB before being moved through multiple routes to obscure the transaction trail. The structure of the contract meant that once administrative parameters were changed, the “locked” status of liquidity no longer reflected actual withdrawal restrictions. Why the LP locker system became a target DxSale was widely used during the 2021 memecoin boom on BNB Chain as a default liquidity locking tool. Many token launches relied on it to demonstrate security to early investors by locking liquidity pool tokens for extended periods. However, the system’s security model depended heavily on administrative control rather than fully immutable contract logic. According to the analysis, functions such as fee adjustments and lock configuration remained accessible through privileged ownership roles. Security analysts noted that the exploit became possible because the locker contract still had an active owner key capable of modifying critical parameters. This meant that “locked” liquidity was not strictly enforced by immutable code but instead governed by adjustable contract settings. The post DxSale loses $7.3M in BNB Chain liquidity providers (LPs) hack appeared first on Invezz
29 May 2026, 13:00
DxSale Hack Drains $7.3 Million From 1,400 BNB Chain Investors

Blockchain investigators linked the exploit to wallet address ”0xC457,” which moved stolen BNB through multiple wallets and exchange deposit addresses. Analysts believe the attacker exploited a vulnerability related to contract ownership transfers and privileged permissions, allowing funds that were supposed to stay locked to be withdrawn. DxSale Suffers Major Hack DxSale, a meme coin launch platform that was once widely used on the BNB Chain, suffered a major security breach that resulted in the loss of approximately $7.3 million. The cyberattack reportedly affected around 1,400 liquidity providers whose funds were still locked in legacy liquidity contracts dating back several years. According to blockchain security firm PeckShield , the attacker used the wallet address ”0xC457” to withdraw funds and move approximately $1.87 million worth of BNB into two primary wallets before distributing portions of the stolen assets across multiple Binance deposit addresses. DxSale gained popularity during the 2021 crypto bull market, particularly among projects launching on the BNB Chain. Many of these projects used the platform's liquidity locker to reassure investors that liquidity would stay inaccessible for a specified period. However, blockchain analyst Tahax suggested that the exploited contracts still contained liquidity from numerous projects launched years ago. Investigations into the exploit indicate that the attacker may have taken advantage of a long-standing vulnerability tied to the platform's ownership structure. Tahax claimed that ownership of the locker contract was quietly transferred to a new wallet roughly 269 days before the attack, without any public migration announcement. The analyst further noticed that ownership subsequently passed through dozens of transactions designed to obscure the trail before ultimately reaching the wallet that executed the withdrawals. Security researchers from Web3 auditing platform Coinsult reported that a combination of privileged contract permissions and a backdated lock mechanism effectively transformed supposedly locked deposits into withdrawable balances. This allowed the attacker to repeatedly extract BNB from the affected contracts. The incident only worsened concerns about the security of decentralized finance protocols. Data from DefiLlama shows that crypto-related exploits have resulted in more than $17 billion in losses over the years, with decentralized finance protocols accounting for approximately $7.8 billion of that total.
29 May 2026, 12:39
DxSale loses $7.3 million in BNB Chain hack

🚨 $7.3 million in $BNB stolen from DxSale in a cyberattack. 1,400 liquidity providers suffered direct losses as funds were moved via Binance. Critical data: Contract ownership was secretly transferred, leaving a backdoor. 📌 Key point: Total DeFi attack losses now exceed $17 billion. Continue Reading: DxSale loses $7.3 million in BNB Chain hack The post DxSale loses $7.3 million in BNB Chain hack appeared first on COINTURK NEWS .
29 May 2026, 10:42
DxSale drained for $7.3M in BNB Chain liquidity exploit

DxSale was drained for about $7.3 million from BNB Chain liquidity providers, raising fresh concerns over old DeFi locker contracts.
29 May 2026, 08:30
Stake DAO Freezes Arbitrum vsdCRV Markets After Attacker Mints 5.4T Synthetic Tokens

On May 27, decentralized finance platform Stake DAO suffered an infinite-minting exploit on its Arbitrum protocol. However, Stake DAO core contributors quickly secured the mainnet funds backing the tokens, shut down the vsdCRV bridge, and successfully contained the exploit. Infinite-Minting Loophole Triggers Exploit Decentralized finance ( DeFi), platform Stake DAO confirmed May 27 that its
29 May 2026, 08:19
Solana, Sui and Aptos wallet data targeted in TrapDoor package attack

The campaign targets crypto, DeFi, AI and security developers with fake tooling packages to steal wallets, SSH keys, GitHub tokens, cloud credentials and browser data.







































