BonkDAO loses $20 million after attack through its voting mechanism
The attacker exploited the on-chain governance mechanism itself to legally siphon out the project's money.
07.07.2026 - 10:00
9
2 min
0
Key points:
- A hacker bought $4.4 million worth of BONK tokens and used the governance vote to push through a transfer of the treasury to their own wallet.
- Around $20 million in tokens on the Solana blockchain was siphoned out of the BonkDAO treasury..
- Just 7 wallets voted in favor of the proposal — out of the DAO's 18,000 participants.
The BonkDAO community, which runs development of the BONK meme coin on the Solana network, has reported the theft of $20 million from its own treasury. The scheme played out over the course of a week: an unknown actor first built up a position in BONK tokens, then put a proposal to a vote to transfer the project's funds to an address under their own control, and ultimately delivered the outcome they needed themselves. On the face of it, each step looked like a routine transaction.
Within 24 hours of the incident, the price of BONK slid by 7%, dropping to $0.05.
How the hacker outsmarted the BonkDAO voting mechanism
The scheme was set in motion on June 30, 2026. From an anonymous address, a proposal was put to a vote to transfer the BonkDAO treasury to an outside wallet. For the measure to pass, it needed to secure support equal to 1% of the total BONK supply — the minimum quorum.
By July 4 and 5, another address began aggressively buying up BONK on Bybit and Binance. Analysts at Lookonchain put the cost of that operation at around $4.4 million, with some of the money raised by the hacker through DeFi lending protocols.
The vote on BIP #76 – Sowellian BonkDAO drew a turnout of 2.9%. Support came from 7 addresses, while more than 18,000 DAO members ignored the vote entirely. The quorum threshold was cleared by the narrowest of margins: 882.38 billion BONK against the required 879.95 billion — exactly the sum the hacker had spent the preceding days piling up.
A final 99.9% "yes" vote effectively meant that the decision was taken by a single participant.
What happened to the stolen money
On July 6, the attacker's wallet cast its entire accumulated stake in favor of its own proposal. The measure passed, and roughly $20 million in BONK tokens automatically left the treasury and landed in the attacker's balance.
Nine hours later, around $188,000 was sent to an exchange, apparently to be converted into fiat. The bulk of the funds ($19 million) was parked by the hacker on a multi-signature address, where any operation requires several confirmations. The details were provided by Chainalysis.
BonkDAO's team has already identified the exchange wallets used to buy up BONK ahead of the vote and is coordinating with crypto exchanges, cross-chain bridges, and the Solana Foundation to contain the damage. Information about the incident has been forwarded to law enforcement.
Useful material?
Incidents
Developers warned of potential risks to bridges across the ecosystem and asked exchanges for assistance.
Jun 22, 2026
Incidents
The defendant helped move funds stolen through investment scams and earned at least $4 million for his role in the operation.
Jun 10, 2026
Incidents
The company is linking the incident to a compromised private key on a service wallet, rather than a smart contract exploit
May 22, 2026
Incidents
Following the incident, the project temporarily halted trading operations and node activity.
May 15, 2026
Incidents
The user spent weeks unsuccessfully trying to guess the password until Claude helped find an old wallet backup file
May 14, 2026
Crypto regulations
Authorities are introducing mandatory registration for companies handling cross-border crypto transactions
May 8, 2026
Telegram
Twitter