🎁 Ace quick missions & earn crypto rewards while gaining real-world Web3 skills. JOIN NOW! 🔥

$2.4 Million Vanishes from Bunni DEX in Targeted Liquidity Exploit

Key Takeaways

  • ​Bunni paused all smart contract operations after a $2.4 million exploit targeted its liquidity logic;
  • The issue stemmed from Bunni’s custom liquidity system, which was manipulated using carefully sized trades;
  • Although Bunni integrates with Euler Finance, Euler confirmed its own platform was not affected by the exploit.

Ace quick missions & earn crypto rewards while gaining real-world Web3 skills. Participate Now! 🔥

$2.4 Million Vanishes from Bunni DEX in Targeted Liquidity Exploit

A recent exploit has forced decentralized exchange Bunni to pause its smart contracts after a vulnerability allowed an attacker to take around $2.4 million in stablecoins.

Security researchers reviewing blockchain records confirmed that the loss occurred due to a flaw in how Bunni calculates liquidity distribution.

The incident was confirmed by the Bunni team on X on September 2, where they announced the shutdown of all smart contract activity across supported blockchains while the situation is under review.

Harmony ONE Explained (Beginner-Friendly Animation)

Did you know?

Want to get smarter & wealthier with crypto?

Subscribe - We publish new crypto explainer videos every week!

Funds were drained from Bunni’s Ethereum ETH $4,321.83 contracts and moved into a single wallet. This wallet currently holds around $1.33 million in USDC USDC $0.9986 and another $1.04 million in USDT USDT $0.9980 .

Following the event, Bunni contributor @Psaul26ix urged users to exit the platform immediately and warned them to remove any remaining assets from its pools.

Bunni relies on Euler Finance to manage its lending and structured product offerings. Despite the connection, Euler’s CEO, Michael Bentley, made it clear that Euler’s own protocol was not impacted.

Instead of using the default Uniswap UNI $9.58 logic, Bunni uses its own Liquidity Distribution Function (LDF), designed to spread liquidity across different price levels to help providers earn better returns. However, this function appears to have been at the core of the issue.

Victor Tran, the co-founder of KyberNetwork, explained that the attacker had discovered a way to trick the system by making trades of exact sizes, which caused errors in the liquidity rebalancing process.

On September 1, attackers exploited a security flaw to steal WLFI tokens from Ethereum ETH wallets. How? Read the full story.

Aaron S. Editor-In-Chief
Having completed a Master’s degree in Economics, Politics, and Cultures of the East Asia region, Aaron has written scientific papers analyzing the differences between Western and Collective forms of capitalism in the post-World War II era.
With close to a decade of experience in the FinTech industry, Aaron understands all of the biggest issues and struggles that crypto enthusiasts face. He’s a passionate analyst who is concerned with data-driven and fact-based content, as well as that which speaks to both Web3 natives and industry newcomers.
Aaron is the go-to person for everything and anything related to digital currencies. With a huge passion for blockchain & Web3 education, Aaron strives to transform the space as we know it, and make it more approachable to complete beginners.
Aaron has been quoted by multiple established outlets, and is a published author himself. Even during his free time, he enjoys researching the market trends, and looking for the next supernova.

Loading...
binance
×
Verified

CLAIM $100 BONUS

Changelly Welcome Reward
Rating
5.0