Recommended

Crypto Deposit Make instant crypto transfers to your futures account
USDT-M Perpetual Futures Trade futures contracts settled in USDT
VIP Fee Discounts Enjoy different fee discounts based on your VIP level
Coin-M Perpetual Futures Trade futures contracts settled in cryptocurrency
Fiat Deposit Buy your favourite coins in seconds
Affiliates Invite friends & get rewarded
Convert Covert your crypto instantly
Support Centre Find our FAQs here
Announcements Find all our official announcements
BTCC Academy Learn about blockchain and crypto
News The latest trends in the crypto market

Promotions

Referral
Campaigns
Assets
Crypto Deposit
Fiat Deposit
Convert
Transfer
Withdraw
My vouchers
Fund history
Dashboard
Account Security
Identity verification
API Management
Transaction Report
Log out
register
BTCC / BTCC Square / coincentral /
Bunni DEX Collapses Following Devastating $8.4M September Security Breach

Bunni DEX Collapses Following Devastating $8.4M September Security Breach

Author:
coincentral
Published:
2025-10-23 17:41:42
14
3

Bunni DEX Shuts Down After $8.4M Loss in September Exploit

Another DeFi protocol bites the dust—this time with an eight-figure exit.

The Exploit That Broke the Camel's Back

Bunni DEX pulls the plug after hackers drain $8.4 million from its liquidity pools. The September attack exposes familiar vulnerabilities in decentralized finance infrastructure.

Security Failures Stack Up

Protocol developers scramble to contain fallout as users face total losses. No bailouts, no insurance—just another harsh lesson in crypto's high-stakes environment.

DeFi's Persistent Growing Pains

Smart contract audits prove insufficient yet again. The incident highlights the sector's ongoing struggle between innovation and security fundamentals.

Another reminder that in DeFi, your gains are only as secure as the weakest line of code—and apparently, someone forgot to check that line.

TLDR

  • Bunni DEX has officially shut down after losing $8.4 million in a major exploit.
  • The attack targeted Bunni’s Ethereum and Unichain smart contracts, exploiting a flaw in the Liquidity Distribution Function.
  • Despite offering a 10% bounty for the return of stolen funds, the attacker did not respond.
  • Bunni’s total value locked dropped from over $60 million to nearly zero after the exploit.
  • The project could not afford the high costs required for a secure relaunch and decided to close.

Bunni DEX has officially shut down after losing over $8.4 million in a September exploit. The decentralized exchange (DEX) was known for its innovative liquidity, but it was hit by a severe attack that drained funds. The project announced its closure on October 23 through its official X account.

Hack Leaves Project Unable to Recover

The attack occurred in early September and targeted Bunni’s ethereum and Unichain smart contracts. Hackers exploited a vulnerability in Bunni’s Liquidity Distribution Function (LDF). The flaw allowed attackers to withdraw more assets than they were entitled to. The exploit used flash loan manipulation and rounding errors to extract the funds.

Hello everyone, it is with saddened hearts that we announce the shutdown of Bunni.

The recent exploit has forced Bunni's growth to a halt, and in order to securely relaunch we'd need to pay 6-7 figures in audit & monitoring expenses alone – requiring capital that we simply don't…

— Bunni (@bunni_xyz) October 23, 2025

The total loss amounted to around $8.4 million, mainly in USDC and USDT. After the attack, Bunni froze its contract operations to prevent further damage. The project offered a 10% bounty to the attacker to return the funds, but there was no response.

Bunni’s total value locked (TVL) collapsed from over $60 million to nearly zero. Following the attack, trading and development activities came to a standstill. The project’s growth was halted, and the team confirmed that a secure relaunch was impossible.

Bunni DEX Unable to Afford Safe Relaunch

In a statement, the Bunni team explained that the costs to relaunch securely were too high. The team stated that it WOULD need “six to seven figures” for audit and monitoring costs. Additionally, months of redevelopment would have been necessary to recover.

The financial burden to resume operations was beyond what Bunni could afford. As a result, the team decided to shut down the platform. Despite earlier audits by Trail of Bits and Cyfrin, the bug was classified as a “logic-level flaw” rather than an implementation error.

Users can still withdraw their funds from the Bunni DEX website. However, the platform will distribute remaining treasury assets based on a snapshot of BUNNI, LIT, and veBUNNI holders. This distribution will occur once the legal process concludes. Team members will not receive any share of the remaining funds.

Bunni DEX Relicenses Smart Contracts and Moves Forward with Law Enforcement

In its final move, Bunni relicensed its v2 smart contracts from the BUSL license to the MIT license. This will allow other developers to freely access the technologies, including LDFs, surge fees, and autonomous rebalancing. The project team also confirmed its collaboration with law enforcement to recover the stolen funds.

Despite the shutdown, Bunni’s technology will remain available to the broader decentralized finance (DeFi) community. However, the exploit and the subsequent closure have added to a troubling year for blockchain security. As of 2025, over $3.1 billion has been lost in hacks and exploits across the industry.

|Square

Get the BTCC app to start your crypto journey

Download on the App Store GEI IT ON Google Play

Get started today Scan to join our 100M+ users

Exchange for a better future

Products
Services
Guides
About Us
Terms & Agreement
Customer Service

Risk warning: Digital asset trading is an emerging industry with bright prospects, but it also comes with huge risks as it is a new market. The risk is especially high in leveraged trading since leverage magnifies profits and amplifies risks at the same time. Please make sure you have a thorough understanding of the industry, the leveraged trading models, and the rules of trading before opening a position. Additionally, we strongly recommend that you identify your risk tolerance and only accept the risks you are willing to take. All trading involves risks, so you must be cautious when entering the market.

The world’s longest-running cryptocurrency exchange since 2011 © 2011 - 2025 BTCC.com. All rights reserved

All articles reposted on this platform are sourced from public networks and are intended solely for the purpose of disseminating industry information. They do not represent any official stance of BTCC. All intellectual property rights belong to their original authors. If you believe any content infringes upon your rights or is suspected of copyright violation, please contact us at [email protected]. We will address the matter promptly and in accordance with applicable laws.BTCC makes no explicit or implied warranties regarding the accuracy, timeliness, or completeness of the republished information and assumes no direct or indirect liability for any consequences arising from reliance on such content. All materials are provided for industry research reference only and shall not be construed as investment, legal, or business advice. BTCC bears no legal responsibility for any actions taken based on the content provided herein.