Hackers breach Bonk.fun domain and deploy crypto wallet drainer
Early reports suggest the damage was limited thanks to quick warnings from the community.
12.03.2026 - 10:15
254
3 min
0
Key points:
- Hackers gained control of the Bonk.fun domain and deployed malicious code designed to steal users’ crypto funds.
- The project team quickly warned the community and urged users to avoid the platform until further notice.
Attackers managed to seize control of the Bonk.fun domain, a token launch platform in the Solana ecosystem backed by Raydium and BONK. After the breach, a malicious program appeared on the site that could drain users’ crypto wallets.
Platform operator Tom reported the incident on his X account. He urged users not to access bonk.fun until further notice, explaining that hackers had gained access to a team account and placed a wallet-draining script on the website. The official BONK account later confirmed the breach.
Preliminary information suggests that the impact of the Bonk.fun hack was relatively limited.
According to Tom, previous connections to the platform remain safe, and transactions executed through third-party trading terminals were not affected. The risk applied only to users who, after the compromise, signed a fake message with the platform’s terms of service on the malicious version of the site.
The team quickly alerted the community, which helped minimize potential losses. The operator also said developers are already working to resolve the issue, although the exact amount of losses has not yet been disclosed.
Phishing Attacks Continue to Rise
The incident once again highlights that even well-known crypto projects remain vulnerable to attacks targeting their web interfaces.
Hackers breach Solv Protocol vault and steal $2.7 million in crypto
The project said it will compensate affected users and has offered the attacker a 10% bounty in exchange for returning the stolen funds.
Such phishing schemes usually follow a simple pattern: users are asked to sign a transaction or message on a fake website. Once they do, attackers gain access to their funds.
According to analysts, crypto-related fraud reached record levels in 2025. The total amount of illicit revenue approached $17 billion, while the number of fake accounts created using AI increased by roughly 1,400%. One of the most common scams is the so-called “pig butchering” scheme, in which fraudsters spend time building trust with victims before ultimately stealing their funds.
Useful material?
Telegram 
Twitter Incidents
Developers warned of potential risks to bridges across the ecosystem and asked exchanges for assistance.
Jun 22, 2026
Incidents
The defendant helped move funds stolen through investment scams and earned at least $4 million for his role in the operation.
Jun 10, 2026
Incidents
The company is linking the incident to a compromised private key on a service wallet, rather than a smart contract exploit
May 22, 2026
Incidents
Following the incident, the project temporarily halted trading operations and node activity.
May 15, 2026
Incidents
The user spent weeks unsuccessfully trying to guess the password until Claude helped find an old wallet backup file
May 14, 2026
Crypto regulations
Authorities are introducing mandatory registration for companies handling cross-border crypto transactions
May 8, 2026
Cryptocurrency rates
-
Bitcoin
$60 028
BTC
+0.02%
-
Ethereum
$2 551.16
ETH
+3.56%
-
BNB Smart Chain
$579.4
BSC
+1.23%
-
Ripple
$1.06
XRP
+1.04%
-
TRON
$0.160134
TRX
-1.59%
-
Dogecoin
$0.07308
DOGE
-0.39%
-
Zcash
$384.99
ZEC
+0.32%
-
Stellar XLM
$0.173428
XLM
+1.5%
-
Cardano
$0.145184
ADA
+0.63%
-
Polkadot
$3.32
DOT
+5.27%