Bunni DEX Suffers $2.3M Hack, Exposes Key DeFi Security Vulnerabilities

Decentralized trade Bunni has suffered a $2.3M exploit on the Ethereum blockchain, per blockchain safety scanner Blocksec Phalcon. The exploit occurred on Tuesday and seems to have been attributable to unauthorized entry.

The attackers reportedly focused Bunni’s Ethereum-based good contracts, although the precise approach is but to be disclosed.

ALERT! Our system detected a suspicious transaction concentrating on @bunni_xyz ’s contract on #Ethereum, and the loss is ~$2.3M. Please take actions ASAP.

— BlockSec Phalcon (@Phalcon_xyz) September 2, 2025

Per Etherscan, the perpetrators drained funds from the platform to the deal with 0xE04e… 64f2b, which held Aave Ethereum USDC and Aave Ethereum USDT tokens.

Bunni Protocol Pauses all Smart Contract Functions

Soon after the preliminary flagging of the exploit, Bunni protocol posted on X that its group is investigating the breach.

“The Bunni app has been affected by a safety exploit. As a precaution, we now have paused all good contract capabilities on all networks,” mentioned Bunni. “Our group is actively investigating and can present updates quickly.”

The Bunni app has been affected by a safety exploit. As a precaution, we now have paused all good contract capabilities on all networks. Our group is actively investigating and can present updates quickly. Thank you to your endurance.

— Bunni (@bunni_xyz) September 2, 2025

Bunni DEX permits customers to commerce crypto instantly with one another, with out the necessity for a central middleman. The platform depends closely on good contracts with a purpose to facilitate transactions.

Michael Bentley, Co-founder and CEO of Euler Labs, urged users to “take away funds from Bunni ASAP.” He added that Bunni rebalances funds in/out of Euler, assuring Euler will not be affected or in danger.

Exploit Exposes Smart Contract Security Risks

Smart contracts, which work on blockchain networks, can be utilized for buying and selling, managing monetary transactions and extra. Since they’re digital, good contract safety turns into essential.

Risks can come from varied components like code bugs, blockchain vulnerabilities, and programming language flaws, notes blockchain safety auditor CertiK.

In 2023, good contract vulnerabilities accounted for over $686 million in losses, mentioned CertiK.

Experts from Apex, a DEX for derivatives buying and selling, instructed Cryptonews that these vulnerabilities will be managed by interacting “solely with contracts audited by respected companies.”

Further, limiting token approval permissions can forestall wallet-draining exploits, they added.

The publish Bunni DEX Suffers $2.3M Hack, Exposes Key DeFi Security Vulnerabilities appeared first on Cryptonews.