DxSale hit by $7.3 mln exploit as claims of insider involvement rise – Details

Crypto hacking incidents have become rampant in 2026, with DeFi protocols being hit the hardest. So far in 2026, the total losses from the exploits have reached a record $854 million, with over $52 million stolen in May.  May has seen 27 hacking incidents, with DxSale being the latest victim of the rampage. DxSale exploited for $7.3 million According to on-chain investigator PeckShieldAlert, DxSale was drained of $7.3 million from 1400 BNBChain LPs. The attacker targeted old liquidity pools on BNB Chain LPs locked in 2021.  The investigator pointed out that addresses moved a total of 2,958 BNB, worth $1.87 million, to two main wallets. After the transfers, these tokens were deposited into multiple Binance deposit addresses.  According to on-chain monitors, ownership of legacy lockers was transferred nearly nine months ago to unverified contracts held by backers. The hacker changed ownership through 80 wallets, thus helping to remain hidden.  The last wallet used a custom drainer contract and executed a single tx masterclass. The attacker reduced fees to almost zero, then backdated the unlock period, thus withdrawing everything.  After the withdrawal, the attacker swapped to BNB, then deployed multichain.org mixers to remain untraceable.  DxSale insiders in the spotlight after the exploit After the exploit, investigators have pointed the blame at the DxSale team itself. Eyeonchain posited that the analysis directly pointed to a direct connection between hackers and the team.  According to Eyeonchains, in August 2025, someone claimed to be actively selling a service through DxSale's TG Channel. These sellers then assured an insider connection to the team and could unlock old LPS from projects launched before late 2021.  They claimed they had access to the wallet used to raise funds on DxSale. As part of their payment, they sought only 20% of the total funds recovered from the protocol. Based on these 2025 events, Eyeonchains concluded that the recent exploit was carried out by someone with insider-level access. Thus, the exploiter could be a former team member with prior knowledge of how to unlock those LPs.  If the insider accusations are finally confirmed, it will mean that those who built and promoted the locker left a backdoor. The backdoor remained open for years for these same individuals to finally exploit it themselves. However, funds already deposited with Binance are likely to be frozen. These funds likely belong to investors who previously raised funds on DxSale. Final Summary DxSale was drained of $7.3 million from 1400 BNBChain LPs, with hackers targeting old liquidity pools.  Insiders are accused of leaving a backdoor open and subsequently exploiting it.