In another blow to the decentralized finance (DeFi) industry, Bunni DEX, a decentralized exchange based on Uniswap V4, announced its permanent closure following an $8.4 million exploit that crippled its operations. The team cited an inability to cover recovery and audit costs, marking one of the most significant DeFi collapses of 2025.
The exploit, which occurred on September 2, targeted Bunni’s Liquidity Distribution Function (LDF), a custom mechanism designed to optimize liquidity for traders.
Hackers used flash loans to manipulate internal calculations, triggering rounding errors that allowed them to drain funds across the Ethereum and Unichain networks. Despite previous audits by Trail of Bits and Cyfrin, the logic-level flaw was not detected.
Users allowed withdrawals, but recovery looks bleak
Before the attack, Bunni had quickly grown from $2.2 million to nearly $80 million in total value locked (TVL), according to data from DeFiLlama. However, the breach erased months of progress in seconds.
After the hack, Bunni’s team shut down operations, suspended all smart contracts, and urged users to withdraw their remaining assets “until further notice.” The remaining treasury funds will be redistributed to BUNNI, LIT and veBUNNI token holders, with the team agreeing to exclude themselves from the compensation process.
“The recent exploit has forced a halt to Bunni’s growth,” the team posted on
In a final act before stepping down, Bunni re-licensed its Business Source License (BUSL) v2 smart contracts to MIT, opening its technology, including liquidity distribution features, surge fees, and autonomous rebalancing, to other developers in the DeFi ecosystem.
ETH's price trends sideways on the daily chart. Source: ETHUSD on Tradingview
The broader impact on DeFi security
Bunni’s collapse highlights a growing security crisis in DeFi, which has already lost more than $3.1 billion to exploits in 2025 alone, according to Hacken’s report. The incident highlights the dangers of deploying custom smart contract logic without sufficient financial and technical safeguards.
Industry experts warn that the event could usher in a new era of careful innovation, in which developers prioritize comprehensive audits, real-time monitoring and stricter bug bounty programs.
For users, the Bunni exploit serves as a stark reminder: in the high-yield world of decentralized finance, trust and transparency remain as valuable as the tokens themselves.
Cover image from ChatGPT, ETHUSD chart from Tradingview
Editorial process as Bitcoinist focuses on providing thoroughly researched, accurate and unbiased content. We follow strict sourcing standards and every page undergoes careful review by our team of top technology experts and seasoned editors. This process ensures the integrity, relevance and value of our content to our readers.
