Bunni DEX Shuts Down After $8.4M Hack, Second DeFi Closure

The collapse of Bunni DEX began on September 2, 2025, when attackers exploited a critical vulnerability in the platform’s Liquidity Distribution Function within its smart contracts. This sophisticated attack allowed hackers to manipulate internal calculations and systematically drain funds from liquidity pools on the Ethereum blockchain. Initial reports indicated losses between $2.3 million and $2.4 million on Ethereum, but subsequent analysis by security firms QuillAudits and Halborn revealed an additional $5.9 million had been stolen from Unichain, bringing the total loss to approximately $8.4 million.

The stolen assets, primarily consisting of stablecoins USDC and USDT, were consolidated into a single wallet, making recovery efforts more challenging. Following the incident, Bunni immediately paused all smart contract activity and advised users to withdraw their remaining funds. The platform’s swift response to halt operations prevented further losses but couldn’t undo the substantial financial damage that ultimately proved fatal to the project.

In the aftermath of the exploit, the Bunni team conducted a thorough assessment of what would be required to safely restart the platform. Their investigation revealed that comprehensive security audits and ongoing monitoring systems would cost between six and seven figures—an expense the project simply couldn’t afford after the $8.4 million loss. This financial reality forced the difficult decision to permanently cease operations rather than risk exposing users to further vulnerabilities.

The team announced the shutdown with a statement expressing their ‘saddened hearts’ at the outcome. Despite the closure, users will retain access to withdraw their assets through the official website until further notice. Additionally, the project plans to distribute remaining treasury funds to holders of BUNNI, LIT, and veBUNNI tokens through a snapshot that explicitly excludes team members, ensuring community members receive whatever value remains in the project.

In a final gesture to the broader ecosystem, Bunni has relicensed its v2 smart contracts from BUSL to MIT, making advanced features like surge fees and autonomous rebalancing freely available to other developers. Recovery efforts for the stolen funds continue in collaboration with law enforcement agencies, though the prospects for full restitution remain uncertain.

Bunni’s closure marks the second major DeFi initiative to shut down in less than 48 hours, following Kadena organization’s announcement that it would cease all business and development activities due to unfavorable market conditions. While the Kadena blockchain will continue operating through decentralized miners and developers, and its native KDA token will remain functional, the project’s core development has halted entirely.

The crypto community on platform X quickly noted the concerning pattern of back-to-back project failures, with one user questioning what was happening to the industry as projects ‘quit one after the other.’ Market reactions were severe, with KDA’s price dropping more than 99% from its 2021 peak of $27.64. Analysis suggests the token showed signs of dumping days before the official closure announcement, raising questions about market transparency and timing.

These consecutive closures underscore the mounting challenges facing DeFi projects, including sophisticated security threats, volatile market conditions, and the substantial financial resources required to maintain secure operations. The Bunni and Kadena situations demonstrate how quickly promising projects can unravel when faced with either external attacks or unfavorable economic environments, leaving token holders and the broader community to bear the consequences.