Quick Takeaways
- Over 1,400 old DxSale liquidity pools on BNB Chain were drained of $7.3M due to a suspected backdoor vulnerability in unverified smart contracts.
- Attackers, linked to a newly funded wallet, exploited a transferred ownership of the locker, which held LPs from inactive projects, to orchestrate the theft.
- This incident exemplifies growing DeFi security risks, with recent exploits causing over $650M in losses across various protocols in April and May.
- Experts warn that the rapid pace of AI-assisted attacks is outpacing current security measures, making the entire DeFi ecosystem increasingly unsafe.
Over 1,400 Liquidity Providers Hit in $7.3 Million DxSale Exploit
The Details of the Attack
On May 29, blockchain security firms revealed a major breach involving DxSale, a platform used to create crypto tokens and their liquidity pools. Over 1,400 old DxSale contracts on BNB Chain experienced a hacking attack. The hackers drained approximately $7.3 million worth of cryptocurrency. They then used a service called AnySwap to hide their trail. According to security group PeckShieldAlert, a user named “Tahax” was the first to warn about the attack. The hacker targeted liquidity pools that had been inactive for many years.
Another key point involves a wallet with the address “0xC457…FA69.” This wallet transferred nearly $1.87 million, in BNB, from the hack to other wallets on Binance. The attacker then moved the stolen funds through different deposit addresses. It appears the attacker gained control of a contract that was thought to be secure. The contract’s ownership was transferred to a new wallet about nine months ago without raising any alarms. An analyst suggested the contract was unverified and might have had a backdoor, which the hackers exploited.
Broader Security Concerns in DeFi
This incident highlights ongoing issues in decentralized finance (DeFi). The crypto industry saw at least $650 million lost in April from similar hacks. May brought several more attacks, including one where over $11 million was stolen from the Verus bridge. Researchers explained that attackers exploited flaws in how the bridge verified transactions. For example, a small transaction successfully unlocked large withdrawals.
Other high-profile breaches include TrustedVolumes, which lost about $5.9 million due to weaknesses in its settlement system. Additionally, THORChain faced a loss estimated over $10 million, causing its RUNE token to drop sharply in value.
Many experts warn that DeFi protocols remain vulnerable. Manuel Aráoz, co-founder of OpenZeppelin, said, “all of DeFi unsafe.” He argued that increasingly sophisticated hacking methods, often aided by AI, make it hard for security teams to keep up with the rapidly evolving threats.
Stay Ahead with the Latest Tech Trends
Stay informed on the revolutionary breakthroughs in Quantum Computing research.
Discover archived knowledge and digital history on the Internet Archive.
Disclaimer
This content is for informational and entertainment purposes only and does not constitute financial or investment advice. Cryptocurrency is highly speculative and carries significant risk, including the potential loss of your entire investment. This information may be outdated or incomplete. Do not make financial decisions based on this information. Consult a licensed financial advisor before investing. This site does not offer, sell, or advise on cryptocurrency, securities or other regulated financial products in compliance with SEC and applicable laws. Please do your own research and seek professional advise.
CryptoV1
