DeFi Security Crisis: Bunni DEX Folds After Major Exploit, Leaving Users Empty-Handed
In one other blow to the decentralized finance (DeFi) sector, Bunni DEX, a Uniswap V4-based decentralized trade, has introduced its everlasting shutdown following an $8.4 million exploit that crippled its operations. The crew cited an incapacity to cowl relaunch and audit prices, marking one of the important DeFi collapses of 2025.
The exploit, which occurred on September 2, focused Bunni’s Liquidity Distribution Function (LDF), a customized mechanism designed to optimize liquidity for merchants.
Hackers used flash loans to control inner calculations, triggering rounding errors that allowed them to empty funds throughout Ethereum and Unichain networks. Despite prior audits by Trail of Bits and Cyfrin, the logic-level flaw went undetected.
Users Allowed Withdrawals, But Recovery Looks Grim
Before the assault, Bunni had quickly grown from $2.2 million to just about $80 million in whole worth locked (TVL), in line with DeFiLlama information. However, the breach erased months of progress in a matter of seconds.
Following the hack, Bunni’s crew halted operations, paused all good contracts, and urged customers to withdraw their remaining belongings “till additional discover.” Remaining treasury funds shall be redistributed to BUNNI, LIT, and veBUNNI tokenholders, with the crew pledging to exclude themselves from the compensation course of.
“The current exploit has pressured Bunni’s progress to a halt,” the crew posted on X. “To securely relaunch, we’d want six to seven figures for audits and monitoring, capital that we merely don’t have.”
In a closing act earlier than winding down, Bunni relicensed its v2 good contracts from Business Source License (BUSL) to MIT, opening its expertise, together with liquidity distribution capabilities, surge charges, and autonomous rebalancing, to different builders within the DeFi ecosystem.
The Broader Impact on DeFi Security
Bunni’s collapse spotlights a rising safety disaster in DeFi, which has already seen over $3.1 billion misplaced to exploits in 2025 alone, in line with Hacken’s report. The incident highlights the hazards of deploying customized good contract logic with out enough monetary and technical safeguards.
Industry consultants warn that the occasion may usher in a brand new period of cautious innovation, the place builders prioritize complete audits, real-time monitoring, and stricter bug bounty packages.
For customers, the Bunni exploit serves as a stark reminder: within the high-yield world of decentralized finance, belief and transparency stay as precious because the tokens themselves.
Cover picture from ChatGPT, ETHUSD chart from Tradingview