.png)
1 month ago
3
The exploit targeted BunniHub, the protocol's main contract system, and the funds have been traced to two Ethereum wallets.
Sep 2, 2025, 8:46 a.m.
Bunni, a decentralized exchange built on Uniswap v4’, paused all smart contract functions after a security breach drained an estimated $8.4 million in crypto.
Blockchain security firm CertiK said the exploit targeted BunniHub, Bunni’s main contract system, and resulted in $2.3 million in losses on Ethereum. An earlier attack on Uniswap Labs’ layer-2 network Unichain pushed total losses to around $8.4 million. The firm traced the stolen funds to two Ethereum wallets.
Bunni’s developers have suspended all contract operations across supported networks while they investigate the incident, according to a social media post.
“As a precaution, we have paused all smart contract functions on all networks. Our team is actively investigating and will provide updates soon. Thank you for your patience,” Bunni’s post reads.
The exchange runs on Uniswap v4's “hooks” feature, which Uniswap Labs CEO Hayden Adams described as “plugins to customize how pools, swaps, fees, and LP positions interact.”
More For You
Indian Crypto Exchange CoinDCX Suffers $44M Hack
The timing of the hack carries an unsettling echo: it occurred exactly one year after another Indian exchange, WazirX, was hacked for $235 million.
What to know:
- Indian cryptocurrency exchange CoinDCX suffered a $44 million security breach on Friday.
- The exchange said the breach was quickly contained, and that customer assets were untouched and remain stored in cold wallets.
- The exchange is working with cybersecurity partners to investigate the breach and recover assets, and has absorbed the loss from its own treasury reserves, it added.
