A flaw in Bunni’s custom liquidity logic allowed an attacker to drain about $2.4 million in stablecoins, prompting the platform to pause all contracts.
Decentralized exchange Bunni fell victim to an exploit, losing about $2.4 million in stablecoins after attackers manipulated the platform’s liquidity calculations, according to onchain data by multiple Web3 security firms.
“The Bunni app has been affected by a security exploit,” its team confirmed on X on Tuesday. “As a precaution, we have paused all smart contract functions on all networks. Our team is actively investigating and will provide updates soon,” the team added.
The attack targeted Bunni’s Ethereum-based smart contracts. Funds were drained to an address holding $1.33 million in USDC (USDC) and $1.04 million in USDt (USDT).
Read more