Old DxSale Lockers Drained for $7.3M Across 1,400 BNB Chain Pools as Owner-Privilege Exploits Pile Up - "The Defiant"

You've reached your guest reading limit.

By continuing, you agree to our Terms and Privacy Policy.

An attacker drained roughly $7.3 million from more than 1,400 legacy liquidity-provider positions sitting in old DxSale locker contracts on BNB Chain, security firms PeckShield and Coinsult flagged on May 29, a drain made possible not by a smart-contract bug but by a silent ownership transfer routed through roughly 80 wallets nine months earlier.

The attacker, operating from address `0xC457…FA69`, took control of the legacy locker, reduced its lock-modification fee to one wei, reset lock-expiration timestamps to 68 seconds after the Unix epoch and then batch-withdrew across 1,400-plus pools, according to Coinsult's trace of the privileged `setFee` call. The wallet was funded from Bybit and possibly routed through AnySwap; PeckShield reported 2,958 BNB — about $1.87 million at the time of the drain — moved through two consolidation wallets and into Binance deposit addresses.

The episode crystallizes a pattern that has run through every major BNB Chain exploit of the last six months: the network's biggest losses are coming from compromised owner keys and abused admin functions, not novel cryptographic flaws.