Home » BONK DAO Loses $20 Million After Attacker Buys Governance Vote to Drain Treasury

BONK DAO Loses $20 Million After Attacker Buys Governance Vote to Drain Treasury

by Victoria Kelly
0 comments


A governance exploit has cost the BonkDAO treasury an estimated $20 million, after an attacker spent roughly $4.4 million acquiring enough BONK tokens to push through a malicious proposal that automatically transferred the funds to a wallet under their control.

The incident, which unfolded over the course of a week and culminated early Monday, has reignited debate over whether onchain governance — long pitched as a transparent, community-driven alternative to centralized control — is fundamentally vulnerable to anyone willing to pay for a temporary majority.

How the Attack Unfolded

The scheme began on June 30, when an anonymous wallet submitted a proposal titled “BIP #76 – Sowellian BonkDAO” to the project’s onchain governance platform. On its surface, the proposal read like a reform pitch, promising to “rebuild from the ashes, monetize holdings, stop the bleeding,” and install new governance members. Buried within it, however, was a single operative instruction: transfer roughly 4.426 trillion BONK tokens — the entire contents of the treasury — to a wallet ending in “JHvQ.”

To pass, the proposal needed “yes” votes equal to at least 1% of BONK’s total supply, the quorum threshold set by the DAO’s rules. Over July 4 and 5, a separate wallet methodically acquired exactly that amount, spending about $4.4 million buying BONK on the exchanges Bybit and Binance, with some reports indicating additional tokens were borrowed through DeFi lending platforms, according to onchain analytics firm Lookonchain.

When the vote closed, only seven wallets had participated — against more than 18,000 total DAO members — a turnout of just 2.9%. The proposal cleared quorum by a razor-thin margin: 882.38 billion BONK in favor against an 879.95 billion threshold, almost exactly matching the stake the attacker had spent days assembling. Effectively, the “99.9% yes” result represented a single actor voting in agreement with itself.

How the Attack UnfoldedHow the Attack Unfolded

How the Attack Unfolded

The Drain and the Aftermath

Once the proposal passed, the transfer executed automatically, moving roughly $20 million worth of BONK out of the treasury and into the attacker’s wallet. According to blockchain intelligence firm Chainalysis, about $188,000 was sent to a centralized exchange within hours, likely an attempt to begin cashing out, while the remaining roughly $19 million was moved to a multisignature wallet requiring multiple approvals to access.

Just over an hour after the drain, the attacker began selling off the BONK tokens originally purchased to manipulate the vote, offloading about $5.3 million worth — while retaining the stolen treasury holdings.

BonkDAO confirmed the attack publicly, describing it as a malicious governance proposal and stating it had identified the exchange wallets used to accumulate voting power ahead of the proposal. “During the investigation, BonkDAO identified the exchange wallets used to purchase BONK ahead of the proposal,” the project posted on X, adding that law enforcement had been notified and that it continues working with exchanges, bridges, and the Solana Foundation to trace and potentially recover funds.

BonkDAO confirmed the attack publiclyBonkDAO confirmed the attack publicly

BonkDAO confirmed the attack publicly

In response, South Korean exchange Upbit and U.S.-based Kraken both suspended deposits and withdrawals of BONK, with Upbit citing “user protection measures following the circumstances of a security incident.”

Market Impact

BONK, once a top-100 token by market capitalization, fell roughly 7% in the 24 hours following disclosure of the attack, trading around $0.0000043 — a level roughly 93% below its all-time high of $0.000058. Some reporting places the decline closer to 10%, reflecting differences in the exact measurement window as the story developed throughout the day.

BONK Price Performance on 07/7/2026 (Source: CoinMarketCap)BONK Price Performance on 07/7/2026 (Source: CoinMarketCap)

BONK Price Performance on 07/7/2026 (Source: CoinMarketCap)

A Legitimate Attack

What sets the BonkDAO incident apart from typical DeFi exploits is that no code was broken and no private keys were stolen. Every action — the token purchases, the proposal submission, the vote, and the payout — was a valid, rule-following transaction on Solana. That has fueled a familiar argument within crypto circles over whether the episode constitutes theft or simply a ruthless but technically permitted use of a DAO’s own governance mechanics.

BonkDAO and blockchain analytics firms have characterized the episode as an attack, a framing reinforced by the involvement of law enforcement. Critics within the community have also pointed to a broader governance failure: the proposal sat visible on BonkDAO’s platform for nearly six days with minimal scrutiny before the vote concluded and the transfer executed as programmed.

The underlying lesson, analysts note, is structural. Any treasury governed by a system where voting power can simply be purchased is only as secure as the cost of assembling a controlling stake — and in this case, that cost was a fraction of the treasury’s value. With $4.4 million in capital, the attacker walked away having netted roughly $20 million, minus whatever portion is eventually recovered or frozen by exchanges and investigators.

BonkDAO has not yet detailed a formal remediation plan for preventing similar governance capture in the future, though its coordination with the Solana Foundation and multiple exchanges suggests recovery efforts remain active as of this writing.



Source link

You may also like

Leave a Comment

Editors' Picks

Latest Posts

© 2024 trendingai.shop. All rights reserved.