BonkDAO (Decentralized Autonomous Organization) has reported that it was recently the victim of a $20 million drain via a decentralized governance exploit.
BonkDAO suffers $20M theft
According to the organization, the attacker first purchased $4 million worth of BONK tokens from several exchanges to gain sufficient voting power. They then used this to single-handedly pass a malicious proposal, resulting in the transfer of 4.426 billion BONK tokens (about $20 million at the time) from the BonkDAO treasury to their controlled wallet. The attacker also renamed the DAO to “Sowellian BonkDAO”.
Source: solscan.io
As seen on solscan.io, the siphoner has already started moving these tokens towards exchanges. This has heightened selling pressure, with BONK dropping 7.25% over the last 24 hours to $0.0544. Just two days ago, BONK was among the trending meme coins boasting a 14% rally in a day amid a broader market downturn.
BonkDAO now says it is working wth bridges, exchanges, the Solana Foundation, and law enforcement to track the funds and eventually freeze or recover them.
https://x.com/bonk_inu/status/2074191403781906800
Crypto exploits in July
The brute-force capital approach was successful because the DAO lacked several safety measures. Among them are execution-time locks, which enforce a delay between the approval of an action and its actual execution, so that the community, developers, and researchers can note any oddities. Another is mandatory multisig override, which employs a highly secure multisig wallet to temporarily bypass execution time locks in the event of an emergency, such as a hack.
The latest incident follows the March hijacking of bonk.fun domain – one of Solana’s meme coin launch pads. At the time, attackers swapped the “accept Terms of Service” prompt with a malicious script that drained all wallets connected to the site. Nonetheless, the attack was short-lived and damage minimal – attackers drained up to 50 Solana (SOL) tokens from each of the 35 affected wallets.
Just hours before today’s incident, blockchain security firm Blockaid flagged an active $6 million exploit targeting the DeFi yield protocol Summer.fi.
Was this writing helpful?
Story Ends Here
Trust with CoinPedia:
CoinPedia has been delivering accurate and timely cryptocurrency and blockchain updates since 2017. All content is created by our expert panel of analysts and journalists, following strict Editorial Guidelines based on E-E-A-T (Experience, Expertise, Authoritativeness, Trustworthiness). Every article is fact-checked against reputable sources to ensure accuracy, transparency, and reliability. Our review policy guarantees unbiased evaluations when recommending exchanges, platforms, or tools. We strive to provide timely updates about everything crypto & blockchain, right from startups to industry majors.
Investment Disclaimer:
All opinions and insights shared represent the author’s own views on current market conditions. Please do your own research before making investment decisions. Neither the writer nor the publication assumes responsibility for your financial choices.
Sponsored and Advertisements:
Sponsored content and affiliate links may appear on our site. Advertisements are marked clearly, and our editorial content remains entirely independent from our ad partners.
Read the Next News










Kommentar hinterlassen