DxSale’s legacy liquidity locker on BNB Chain has been hit by a large LP-token drain affecting more than 1,400 pools, reviving old concerns around 2021-era launch infrastructure and dormant locked liquidity.
Current onchain estimates place the total affected value near $7.3 million across old liquidity positions, with about $1.74 million already extracted and another $2.91 million still considered exposed. The attack appears to target legacy locker mechanics rather than new DxSale products, with many affected pools tied to older BNB Chain tokens launched during the 2021 retail cycle.
The drain path is unusually slow-moving. Contract ownership was transferred roughly 269 days before the active withdrawals began, then moved through additional addresses before a custom drainer was deployed. That contract reportedly lowered fees, manipulated old lock settings and backdated unlock timestamps to 1970, allowing liquidity positions to be treated as withdrawable before funds were removed and swapped into BNB.
The impact stretches across dormant and thinly traded projects rather than one single active protocol pool. SafeMoon-linked liquidity is among the legacy positions reported in the affected set, making the incident notable even though many of the drained tokens no longer have deep markets or active communities.
Old Lockers Still Carry Real Market Risk
The DxSale case exposes a common weakness in aging DeFi infrastructure: liquidity locks can outlive the teams, interfaces and communities that created them. A locker may look inactive for years, but if it still controls LP tokens, contract ownership and withdrawal rules remain live security surfaces.
DxSale’s own old-lock documentation directs users with earlier presales and locks toward archived contracts, while a 2023 Dx Protocol vulnerability disclosure already warned that older locker designs on BNB Chain could expose substantial LP value. That older disclosure focused on a different flaw, but the broader risk is similar: legacy lock contracts can hold meaningful liquidity long after the market stops watching them.
BNB Chain has already seen several security events in recent days. The SKP attack on BNB Chain showed how fast liquidity-pool mechanics can translate into direct losses, while broader 2026 pressure from DeFi exploit losses keeps old contracts, token wrappers and automated execution paths under scrutiny.
DxSale had not issued a public incident response at publication time. The next signals are contract-level confirmation, wallet tracing, any attempt to freeze or recover funds, and clarity on whether remaining exposed pools can be protected before the drainer reaches them. For users holding old BNB Chain tokens, the incident is a reminder that “locked liquidity” is only as reliable as the contract, ownership controls and maintenance behind the lock.
Be the first to comment