Image Credit: Shutterstock
DxSale’s legacy liquidity locker on BNB Chain was drained in an exploit that affected more than 1,400 old liquidity pools, with on-chain analysts estimating losses at about $7.3 million.
The incident appears to involve older LP-token positions locked through DxSale during the 2021 cycle. DxSale has not yet published a full contract-level postmortem, leaving the exact contract path and recovery outlook unresolved.
269-Day Ownership Shift Preceded DxSale Drain
On-chain analyst Tahax said the exploit path began about 269 days before the drain, when ownership of a legacy locker contract was transferred away from the original DxSale deployer in August 2025.
Tahax said ownership then moved through about 89 wallets before reaching a fresh address that had recently been funded through Bybit and bridge activity. That path has led investigators to focus on legacy contract control rather than DxSale’s current public tooling.
Old Locker Contract Exposed 1,400 BNB Pools
Investigators have framed the incident as a possible admin-control or legacy-contract compromise. The risk appears to have come from an old, unverified locker contract that still had privileged control over locked LP-token positions.
That structure may have allowed the attacker to create new locks over positions users believed were already secured. The access path then appears to have enabled the drain of LP tokens tied to older projects.
The exploit does not currently appear to be a sudden failure in a new DxSale contract. The available analyst reports instead point to older infrastructure that still retained enough control to expose funds years after the original locks were created.
Funds Moved Cross-Chain After $7.3M Exploit
Reports tied to the incident said the attacker quickly swapped assets and moved funds through cross-chain routes after the drain.
That movement is consistent with attempts to fragment the transaction trail before teams and analysts can coordinate a response. Analysts are still tracking the post-exploit fund flow across wallets and bridges.
DxSale Postmortem Still Needed After Legacy Locker Exploit
The next verified step is whether DxSale or independent researchers publish a full contract-level postmortem. That report would be needed to confirm how ownership changed, which contract permissions were used and whether any affected users have a recovery path.
Until then, the incident remains focused on a legacy BNB Chain liquidity locker, more than 1,400 affected pools and an estimated $7.3 million loss.
