$2.4M Vanishes from Bunni in Targeted Liquidity Exploit

By byrn


A recent exploit has forced decentralized exchange Bunni to pause its smart contracts after a vulnerability allowed an attacker to take around $2.4 million in stablecoins.

Security researchers reviewing blockchain records confirmed that the loss occurred due to a flaw in how Bunni calculates liquidity distribution.

The incident was confirmed by the Bunni team on X on September 2, where they announced the shutdown of all smart contract activity across supported blockchains while the situation is under review.

Funds were drained from Bunni’s Ethereum contracts and moved into a single wallet. This wallet currently holds around $1.33 million in USDC and another $1.04 million in USDT.

Following the event, Bunni contributor @Psaul26ix urged users to exit the platform immediately and warned them to remove any remaining assets from its pools.

Bunni relies on Euler Finance to manage its lending and structured product offerings. Despite the connection, Euler’s CEO, Michael Bentley, made it clear that Euler’s own protocol was not impacted.

Instead of using the default Uniswap logic, Bunni uses its own Liquidity Distribution Function (LDF), designed to spread liquidity across different price levels to help providers earn better returns. However, this function appears to have been at the core of the issue.

Victor Tran, the co-founder of KyberNetwork, explained that the attacker had discovered a way to trick the system by making trades of exact sizes, which caused errors in the liquidity rebalancing process.
