Hidden backdoor in 2021-era liquidity locker drained $7.3M from 1,400+ BNB Chain LPs
On May 29, 2026, DxSale, a memecoin launch platform widely used during the 2021 BNB Chain boom, was drained of approximately $7.3 million from over 1,400 liquidity provider positions. The exploit targeted old liquidity locker contracts. The DxSale deployer had quietly transferred ownership of the locker to a new wallet 269 days prior (around August 2025) with no public announcement. Ownership then passed through roughly 80 intermediate wallets before landing at the exploit address. The attacker reduced the locking fee to 1 wei, backdated lock expiration timestamps to 68 seconds after the Unix epoch, and batch-withdrew across 1,400+ pools. The wallet was funded from Bybit.
The attacker transferred 2,958 BNB (~$1.87M) into two main wallets and subsequently deposited them into multiple Binance deposit addresses. Additional funds were routed through AnySwap bridge infrastructure to obscure the trail. The attacker also moved funds through what appeared to be mixer services. On-chain analysts noted that portions of the stolen funds had already become effectively untraceable due to the speed and fragmentation of the laundering operation.