Skip to content

BonkDAO loses $20Mn in malicious governance proposal exploit

BONK DAO loses USD 20M in governance attack
Share this article

BonkDAO, the governing body behind the Solana-based Bonk memecoin, suffered a massive exploit of $20 million on Monday. Cyber criminals deployed a malicious governance proposal to violate the platform’s security, giving them direct access to treasury funds. This is the second exploit attack that hit the DeFi sector in the last few hours. Earlier on Monday DeFi vault platform Summer Finance also lost $6 million in a flash loan attack.

The exploit was confirmed on Monday by the official X handle that goes by the username @bonk_inu.

“During the investigation, BonkDAO identified the exchange wallets used to purchase Bonk ahead of the proposal. BonkDAO is currently actively working with exchanges, bridges and Solana Foundation to best manage the situation,” the post said.

While the Bonk team is working with various exchanges, Solana, and law enforcement agencies to try to recover funds and identify the culprits, the DeFi community has opened floodgates of discussions on the attack style on social media.

The attackers are suspected to have submitted a proposal to the BonkDAO seeking an ecosystem development grant. Regular community members may have seen this as a standard request looking for a minor funding.

The exploiter, however, had infected the smart contract of that grant proposal with a malicious function. Once the request was approved, the attacker triggered an immediate unauthorized transfer of $20 million worth of Bonk tokens from the main treasury into their wallets.

At the time of writing, the Bonk memecoin was trading at $0.054 as per CoinMarketCap.

The BonkDAO is yet to provide a detailed break-down of the incident.

The DeFi industry has already reportedly lost over $840 million to exploits so far.

Just a few hours ago, Summer Finance  suffered a smart contract exploit resulting in a loss of funds worth at least $6 million. A smart contract was manipulated by the attacker to execute a flash loan attack on the DeFi protocol.

Last month, a previously exploited Radiant Protocol announced the end of its operations after losing $50 million.

These back-to-back DeFi hack incidents have now highlighted the dire need for developers to address potential security lapses as a basic risk mitigation move.

About The Coin Headlines

The Coin Headlines strives to bring trust into crypto media. At a time when every soundbite and headline can move the markets from red to green and vice-versa, The Coin Headlines promises to bring verified, credible and timely news and analysis from the world of crypto, blockchain, Web3, tech and markets. Founded in 2026, The Coin Headlines is based in the UAE with a team of experienced journalists and editors covering breaking news and updates from around the world.

From covering the biggest events to interviewing some of the most popular KOLs in the industry, The Coin Headlines keeps you informed of the latest trends and insights.

At The Coin Headlines our focus is clear: Real-time news updates, market movements, whale transfers, macroeconomic trends, tech and AI and geopolitical breaking news. The news we report goes through a strict editorial audit before its published to ensure the readers only get verified and credible information. We realize the world of crypto is dynamic, volatile, and many times, confusing. At The Coin Headlines we break down these complex issues into simple articles which cater to not just the experienced trader but also the student and first-time investor who wants to understand the space before committing to it.