Memecoin launch platform DxSale was drained of $7.3 million in a cyberattack affecting roughly 1,400 liquidity providers on the BNB Chain. According to blockchain data platform PeckShield, the attacker's address transferred $1.87 million worth of BNB into two main wallets and subsequently deposited them into multiple Binance deposit addresses.
First used in 2021 to lock liquidity for tokens on BNB Chain, DxSale's locker still held funds from older projects. Blockchain analyst Tahax noted the exploiter wallet was newly created and funded via crypto exchange Bybit. The attacker exploited a backdoor in the deployer contract, combined with a backdated lock, allowing withdrawal loops that drained deposits.
This theft adds to a concerning May for DeFi, which has seen $52 million stolen so far this month-down from April's $634 million, a one-year high last seen in February 2025, per DefiLlama data. Rising cyberattacks have intensified fears about DeFi safety. Manuel Aráoz, founder of OpenZeppelin, stated this week he now considers all of DeFi unsafe, citing AI's growing ability to identify smart contract vulnerabilities.
Onchain analyst Tahax reports the attacker has already moved some funds through infrastructure that may complicate tracing. The DxSale deployer quietly transferred ownership of the locker contract to a new wallet 269 days ago, with evidence of 80 subsequent ownership hops before landing at wallet '0xC45,' which started the mass withdrawals. Web3 security platform Coinsult explained: "A privileged setFee plus a backdated lock turned 'locked' deposits into a withdrawable balance."
Cointelegraph has approached DxSale for comment. The total crypto exploit losses tracked by DefiLlama now exceed $17 billion, including about $7.8 billion from DeFi protocols.