DxSale Suffers $7.3M Exploit Due to BNB Chain Compatibility Issue

On May 30, 2026, DxSale reported a security incident involving a vulnerability in its v1 lockup contracts, launched in 2021, caused by a compatibility issue with BNB Chain's Atomic Transaction feature. The exploit led to the theft of approximately $7.3 million from over 1,400 liquidity pools. The affected contracts were identified, and it was confirmed that v2 and later contracts are secure and unaffected, having passed CertiK audits. The attack involved manipulating ownership through a backdoor contract, with the attacker transferring 2,958 BNB (around $1.87 million) to multiple wallets. DxSale reassured users that their funds in v2, v3, and subsequent versions remain safe. The incident has drawn significant market attention due to the scale of the theft and the nature of the vulnerability.

Key Points: • The security incident involved a $7.3 million theft from DxSale's v1 lockup contracts. • Only the v1 contracts launched in 2021 were affected; v2 and later contracts are secure. • The exploit was enabled by a compatibility issue with BNB Chain's Atomic Transaction feature.