DxSale, a platform providing token launch and liquidity lock services for memecoin projects, suffered a cyberattack on the BNB Chain that resulted in the loss of $7.3 million. Approximately 1,400 liquidity providers were directly impacted by the incident.
Details of the attack and fund movement
According to data shared by blockchain security firm PeckShield, an attacker operating from the “0xC457” address transferred about $1.87 million worth of BNB tokens into two major wallets. The funds were then routed through various Binance deposit addresses, further complicating efforts to track the stolen assets.
Back in 2021, DxSale was widely used to lock liquidity for numerous tokens launched on the BNB Chain. Blockchain analyst Tahax noted that some projects still have their liquidity locked on the platform years later, and that the wallet used in the attack was newly created through the Bybit exchange.
The attacker quickly moved a portion of the funds using different infrastructures in an attempt to evade detection. During this process, smart contract ownership was also shifted from the previous wallet to new addresses, making it even harder to trace the trail of assets.
Mini glossary: A liquidity provider (LP) is a person who deposits cryptocurrencies into asset pools for trading pairs on decentralized exchanges and earns a share of transaction fees in return.
Background of the security breach
Analyst Tahax revealed that nearly nine months ago—269 days prior—ownership of the relevant DxSale contract was quietly transferred to another wallet. This transition took place without any official announcement. The transfer allowed a backdoor to remain within the contract, ultimately enabling the attacker to drain its assets.
Blockchain data indicates that ownership subsequently changed hands dozens of times until finally landing with the wallet that initiated the attack. Web3 security platform Coinsult commented that the presence of a backdoor and a legacy lock within the contract set the stage for the exploit.
“This type of attack once again underlines how critical security measures and contract audits are for decentralized finance projects. Hidden vulnerabilities left in smart contracts pave the way for substantial fund losses,” Coinsult emphasized in a recent statement.
Rising attacks in DeFi
DeFiLlama data shows that attacks targeting decentralized finance (DeFi) platforms led to total reported losses of $52 million in May. Although this figure dropped from the $634 million recorded in April—which was the highest since February 2025—the security of the sector remains a hot topic.
Manuel Araoz, the founder of the OpenZeppelin platform, pointed out the increasing capabilities of artificial intelligence in detecting smart contract vulnerabilities, warning that overall security risks across the entire DeFi ecosystem continue to grow.
| Period | DeFi Attack Losses (USD) |
|---|---|
| May 2024 | 52 million |
| April 2024 | 634 million |
According to up-to-date figures from DeFiLlama, more than $17 billion in crypto assets have been lost through various cyberattacks to date, of which about $7.8 billion resulted from attacks on DeFi protocols alone.
Security concerns and DxSale’s role
DxSale is recognized as a platform that enables new projects to easily launch tokens and lock liquidity in a decentralized fashion. The recent attack has heightened prevailing security concerns, particularly regarding assets locked in past years. While the company has yet to issue an official statement about the losses, the exact number of affected liquidity providers remains uncertain.
