Bunni has released a report detailing a vulnerability that led to an $8.4 million flash loan exploit, affecting the weETH/ETH pair on Unichain and the USDC/USDT pair on Ethereum. The exploit was due to rounding errors in smart contracts during user withdrawals, which the attacker used to manipulate prices and liquidity. The attacker borrowed 3 million USDT via a flash loan, manipulated token prices, and exploited rounding errors in 44 small withdrawals to deplete USDC liquidity. Bunni has updated the rounding code and restored cross-chain withdrawals, while other functions remain suspended. The platform is collaborating with law enforcement to trace funds and is offering a 10% bounty for the return of the stolen assets.
Bunni Identifies Smart Contract Rounding Errors in $8.4M Flash Loan Exploit
Disclaimer: The content provided on Phemex News is for informational purposes only. We do not guarantee the quality, accuracy, or completeness of the information sourced from third-party articles. The content on this page does not constitute financial or investment advice. We strongly encourage you to conduct you own research and consult with a qualified financial advisor before making any investment decisions.