Particle.news
Download on the App Store
7 ARTICLES
·
3h ago

Bunni Halts Smart Contracts After $8.4 Million Cross-Chain Exploit

Forensics point to manipulation of its Liquidity Distribution Function, with stolen assets traced to wallets on Ethereum.

Bunni dex halts smart contracts after exploit drains $8.4m across chains

Overview

  • Security firms report roughly $8.4 million drained across Unichain and Ethereum, including about $6 million on Unichain and around $2.3 million from Ethereum contracts.
  • Unichain-derived proceeds were swapped into ETH and bridged to Ethereum via Across Protocol in batches of roughly 100 ETH, investigators said.
  • CertiK said the attack hit BunniHub, the protocol’s main contract system, while analysts describe trades of precise sizes that exploited the custom Liquidity Distribution Function.
  • On-chain data shows the Ethereum-side haul consolidated largely into a single wallet holding about $1.33 million in USDC and $1.04 million in USDT, with funds traced to two Ethereum addresses overall.
  • Bunni paused all smart contract operations across supported networks and, according to Brave New Coin, offered the attacker a 10% bounty for returning funds as the investigation continues.