The decentralized exchange Bunni recently fell victim to a severe hacking attack due to a vulnerability in its Ethereum 
$3,094-based smart contracts. Approximately $2.3 million worth of assets were stolen during the attack. The blockchain security firm Blocksec announced that the breach occurred on Tuesday, the 2nd of September. While the exact techniques used by the hacker remain unclear, it’s been established that the perpetrator transferred the assets from the protocol to their own wallet.
Theft Route Identified
According to experts, the hacker moved the stolen assets from Bunni to the wallet address “0xe04…64f2b”. Current data indicates that this wallet holds $1.33 million in USDC and $1.04 million in USDT. A contributor from the Bunni team, identified as Psaul26ix, issued a general warning on the social media platform X, urging users, “If your money is in Bunni, withdraw it immediately.”
Bunni operates as a decentralized exchange built on Uniswap V4, using adaptive pools and incentive tokens to enhance returns for liquidity providers.
Bunni Team Takes Immediate Action
Following the attack, Bunni suspended all smart contract transactions across all networks. The team assured that they are closely monitoring the situation and will continue to keep users updated.
Through a statement on the social media platform X, Bunni’s team declared, “The Bunni application has been affected by a security vulnerability. As a precaution, we have halted transactions for smart contracts across all networks. The team is conducting investigations and updates will be shared shortly.”
