Solana Platform Bonk.fun Compromised in Domain Hijack
Bonk.fun, a community-driven token launch platform tied to the BONK meme coin ecosystem and supported by the Solana decentralized exchange (DEX) infrastructure around Raydium, suffered a domain hijack this week after attackers gained control of an account linked to the site’s domain or hosting provider.
The result was not a blockchain exploit, nor a smart contract failure. Instead, it was the sort of Web2 problem that continues to haunt Web3 platforms: control of the website itself.
Once the attacker obtained access, malicious code was deployed to the bonk.fun frontend. Visitors were greeted with what looked like a routine “Terms of Service” update prompt — a digital handshake that turned out to be anything but routine.
Users who connected their Solana wallets and signed the prompt unknowingly approved a wallet drainer script, giving the attacker permission to move tokens and solana (SOL) directly to attacker-controlled addresses.
Security researchers and community observers quickly flagged the behavior as phishing. Browsers soon began warning users that the domain could be malicious.
The Bonk.fun team responded within hours. Early warnings appeared on X from the platform’s official account and operator Tom, known online as SolportTom, urging users to avoid the site entirely.
“A malicious actor has compromised the BONKfun domain,” the project posted. “Do not interact with the website until we have secured everything.”
Tom added in a separate alert that hackers had “hijacked a team account forcing a drainer on the DOMAIN,” stressing that only users who signed the fake Terms of Service message after the takeover were affected.
Crucially, the team said the breach did not involve Solana smart contracts, Raydium infrastructure, or the BONK token itself.

Independent onchain analysis suggests the damage was contained quickly. Blockchain analytics from Bubblemaps linked roughly 35 wallets to the exploit, with an estimated $23,000 drained across attacker addresses. “Worst heist ever,” Bubblemaps wrote.
Some traders reported larger losses on social media — one claiming about $273,000 disappeared from a wallet — but those figures remain unconfirmed onchain.
In the fast-moving world of meme coin platforms, that tally qualifies as a relatively small incident, though “minimal losses” tends to be cold comfort for anyone who signed the wrong transaction. As of March 14, the Bonk.fun domain remains under caution while the team works to restore full control and security.
The broader Solana ecosystem appeared largely unfazed. BONK slipped slightly in the 24 hours following the incident while the wider meme coin market continued its usual speculative rhythm.
Still, the episode serves as another reminder that the most fragile part of decentralized finance infrastructure is often the part users see first: the website.
Wallet drainers tied to phishing pages and domain takeovers have become one of the most common attack vectors in crypto, exploiting human trust rather than blockchain code.
Security specialists regularly advise traders to use hardware wallets, maintain burner wallets for experimental dApps, and verify URLs before approving any transaction — especially when a site suddenly asks for a signature.
Because in crypto, sometimes the hack isn’t the chain. It’s the front door.
FAQ 🔎
- What happened to Bonk.fun?
Bonk.fun suffered a domain hijack March 11, 2026, allowing attackers to inject a wallet drainer into the site’s frontend.
- How did the Bonk.fun hack work?
Visitors were tricked into signing a fake Terms of Service message that granted attackers approval to drain tokens from connected Solana wallets.
- How many users were affected by the Bonk.fun exploit?
Onchain analysis suggests about 35 wallets were compromised, with roughly $23,000 in crypto drained.
- Is the BONK token or Solana blockchain affected?
No, the incident involved a website domain takeover and phishing script, not a vulnerability in Solana, BONK, or Raydium smart contracts.