The decentralized exchange, Bunni, has temporarily halted smart contract operations following a recent security breach. An unidentified actor exploited a vulnerability, resulting in the theft of approximately $2.4 million worth of stablecoins.

Blockchain security auditors have reviewed transactional data, confirming that the incident stems from a weakness in Bunni’s system for calculating liquidity distribution.

The Bunni team acknowledged the issue on September 2nd via a post on X (formerly Twitter), stating that all smart contract activities across supported blockchains were suspended while they investigate the incident.

The stolen funds were extracted from Bunni’s Ethereum smart contracts and subsequently consolidated into a single digital wallet. Current analysis shows this wallet holds approximately $1.33 million in USDC and $1.04 million in USDT.

In the wake of the exploit, a Bunni team member, going by the handle @Psaul26ix, advised all users to immediately withdraw their funds and remove any remaining assets from Bunni’s liquidity pools.

Bunni leverages Euler Finance for managing its lending services and structured products. Despite this connection, Michael Bentley, CEO of Euler, has confirmed that the security breach did not affect the Euler Finance protocol itself.

Instead of relying on the standard Uniswap mechanism, Bunni employs a proprietary Liquidity Distribution Function (LDF), designed to allocate liquidity across varied price points with the goal of increasing returns for liquidity providers. The LDF, however, appears to be the source of the exploit.

KyberNetwork’s co-founder, Victor Tran, explained that the attacker discovered a method to manipulate the system by executing precisely calculated trades, thereby triggering errors within the liquidity rebalancing process.
