The meme community was "attacked," and the loss from the DEXX theft may reach tens of millions of dollars

Original Title: "Reviewing the Large-Scale Theft of User Funds on DEXX: On-Chain Security is No Joke"

Author: Asher

This morning, members of various Meme communities, who were supposed to wrap up a night of busy "dog fighting," were suddenly stirred by a piece of news. The on-chain trading terminal DEXX was attacked, with multiple users confirming that their funds were transferred. This attack affected multiple chains, and the types of assets transferred were numerous, leading to a rapid short-term decline in several meme coins.

Dexx is a full-chain Memecoin trading platform that supports various on-chain assets such as SOL, ETH, TRX, BASE, and BSC. It mainly promotes features like on-chain mobile profit-taking and stop-loss, hot concept push notifications, smart wallet tracking notifications, doubling of capital, one-click anti-squeeze, and one-click buy/sell following.

In response to the DEXX user fund theft incident, Slow Mist founder Yu Xian posted on the X platform, stating that the affected users were related to using DEXX for dog coin trading or MEME speculation, and that the private keys belonged to DEXX's centralized custody, which must have been leaked, with investigations ongoing regarding the leak method. In no time, various Meme communities erupted in anger:

"I was woken up in the middle of the night to find that DEXX had stolen $20,000. All the hard work I put in for a month has gone to waste. I will never touch such centralized wallets again.";

"I can't believe it. I just registered and transferred 100 SOL in, and it got stolen. No wonder so many KOLs recommended it.";

"I liquidated all my Meme holdings. Many wallets have been hacked this time. If hackers steal coins, they will dump them, and after it ferments, all Meme coins could be dumped, leading to a collapse.";

Many Users Affected, Large Amounts Stolen

Due to the large number of users affected, a "rights protection group" was quickly established to register stolen information. The following image shows the record of stolen funds (as it was filled out by the affected users, only some data has been verified as true). Meanwhile, Slow Mist founder Yu Xian also stated: "Based on the data submitted by community users, we estimate that the losses from DEXX's theft amount to millions of dollars, and these funds are currently dispersed across multiple different hacker addresses."

Other community users have also reported a total amount exceeding ten million dollars. As the complete statistics on addresses have not yet been finalized, the total stolen amount cannot be definitively determined, but feedback from community users indicates that there are many who lost tens of thousands, hundreds of thousands, or even millions.

Partial screenshot of user registration of stolen information in the DEXX rights protection group (names have been redacted)

DEXX Official Response: No RUG, but Questions of Self-Theft Arise

After the theft incident occurred, the DEXX Chinese official account posted a response on the X platform: "Currently, DEXX has noticed the issue of tokens being transferred reported by multiple users, and several professional security audit teams are already analyzing and investigating. The team is working hard to resolve the issue, and there is no Rug. Further updates will be communicated to everyone via in-site notifications and X/Telegram as soon as possible."

DEXX Chinese official response to the large-scale theft incident

The personal information of DEXX's founder was also exposed. DEXX founder Roy (@honza 204) subsequently responded to the theft incident, stating: "We will compensate, isolated some users, there is no RUG, we are investigating, and cannot reply to everyone individually, please rest assured."

DEXX founder's response to the large-scale theft incident

However, this response has not been followed up, and users are not convinced, questioning whether DEXX is deliberately running away or engaging in self-theft.

DEXX rose to fame during this round of Meme craze in a short time, mainly relying on KOL promotions to quickly acquire users. According to KOLs who spoke to Odaily, the current bots offer very high commissions to quickly gain users, with some reaching as high as 50%-60% of the transaction fees. In the current environment of frequent dog coin releases, such income is quite substantial.

After the DEXX incident, many KOLs who previously promoted DEXX and described it as "the Binance of on-chain" began to quickly delete posts and distance themselves from it. The most criticized was the KOL @youmin 8341, who had previously flaunted exorbitant commissions.

After the incident, @youmin immediately tweeted @ DEXX's founder, stating that he had never withdrawn his commissions, and was mocked by netizens with "Two sticks break brotherhood, all the records are brother's names."

Security Recommendations

Meme undoubtedly represents one of the hottest sectors with the most wealth creation opportunities in this bull market, and engaging in on-chain operations and using various bots has become a daily habit for users. The incident of "DEXX being attacked and user funds being stolen" should serve as a wake-up call for the industry. To avoid incidents like "working for hackers with the Sol earned from months of hard work," Odaily Star Daily has compiled some security recommendations, urging everyone to be extremely cautious about the safety of on-chain assets:

- Do not blindly trust recommendations from others; study the product mechanisms well, and it is advisable to use bots that do not store private keys on servers;

- Choose bots that have been operating for a longer time, have a strong team, and no record of security incidents;

- Do not click on unfamiliar links in TG groups, and do not reply to any private messages;

- Regardless of the tools used, it is recommended to withdraw large amounts of funds to self-custody wallets after transactions;

Previously, incidents of theft have occurred with Bnanagun, Unibot, etc., and DEXX will not be the last.

Remember, in the dark forest of Web3, only those who survive until tomorrow have a chance.