Crimes and Fraud News

DxSale Hacked for $7.3M—Suspicions of Insider Team Attack

Nana K.

29 May 2026 2 min read

The week ends with another major hack. This time, BNB▲$580.35 Chain is under attack.

The decentralized protocol DxSale on the BNB Chain has suffered a major attack. Attackers withdrew approximately $7.3B, affecting more than 1,400 liquidity pools that had been locked since 2021.

Hot topic: Bitcoin Whales Stop Buying as BTC Price Slides Below $74K

#PeckShieldAlert Tahax reported that @DxSale was drained ~$7.3M from 1,400 @BNBCHAIN LPs.

The address 0xC457…FA69 transferred a total of 2,958 $BNB (~$1.87M) to 2 main wallets, and subsequently deposited to multiple #Binance deposit addresses. pic.twitter.com/mQRO3zwuBT
— PeckShieldAlert (@PeckShieldAlert) May 29, 2026

Contents

1.Details of the BNB Chain Attack
2.Suspicion of Team Involvement
3.Consequences for BNB Chain
4.Market Context

Details of the BNB Chain Attack

According to analysts at Eye and PeckShield, the hacker exploited a critical vulnerability—a hidden backdoor in the smart contracts. The attack included:

A “silent transfer” of ownership on the contracts 269 days ago
More than 80 wallet-to-wallet transfers to hide traces
Mass withdrawal of funds, primarily in BNB
A portion of the stolen funds, approximately 3,400 BNB worth $1.2M, was sent to Binance deposit addresses

Here's how the exploit unfolded.

269 days ago, the DxSale deployer quietly transferred ownership of the locker to a new wallet.

The locker contract? Unverified. A backdoor was left in

No announcement, no migration notice, just a silent handoff pic.twitter.com/JbOGOQMBP6
— Tahax (@Tahax1) May 28, 2026

Suspicion of Team Involvement

The most alarming detail is the direct links between the attacker’s address, 0xC457, and the DxSale team:

The address had been inactive for a long time
It had a historical connection to developer wallets
It was the address through which funds were previously sent to the main DxSale smart contract

Analysts believe this indicates either a private key leak or that the project team itself may have organized the theft through a pre-placed backdoor.

Consequences for BNB Chain

DxSale was one of the most popular platforms for token launches and liquidity locking on BNB Chain. Many projects, including SAFEMOON, used it to show investors “secure” LP locks. Trust in such services has now been seriously undermined.

Experts have urged Binance to urgently freeze the linked addresses to recover funds for affected projects and retail investors.

Market Context

The incident adds $7.3M to May’s DeFi losses, which currently total $52M, following a record $634M in April. Total losses from hacking attacks in the crypto industry have exceeded $17B.

This hack once again highlights the vulnerability of old DeFi protocols and the risks associated with centralized control over smart contracts, even in “decentralized” projects.

Learn more: How KelpDAO Lost $292M — Inside 2026’s Biggest DeFi Hack and What Went Wrong