According to Foresight News, decentralized exchange platform Bunni has released a report on the security breach that occurred on September 2. The team has restored the withdrawal functionality, allowing liquidity providers to access their assets, although other operations such as deposits and trading remain suspended.
The report highlights that a rounding error in the smart contract led to an $8.4 million flash loan vulnerability. Bunni has updated the rounding code to address this issue. The stolen funds were transferred through Tornado Cash, and Bunni is offering a 10% bounty to the attacker for the return of the remaining funds. Additionally, Bunni is collaborating with law enforcement and has requested centralized exchanges to freeze related accounts.