The website of Bonk.fun temporarily fell under the control of attackers after unauthorized access to a team account allowed a malicious actor to push a wallet-draining scheme through the platform’s domain.

The platform confirmed the breach in a public warning shared through its official X account. The team urged users not to interact with the website until engineers secured the domain.

“A malicious actor has compromised the BONKfun domain, do not interact with the website until we have secured everything,” the project wrote.

The platform operates within the ecosystem of Bonk, a memecoin built on the Solana network. Bonk.fun gained attention in the Solana community through tools that allow users to create and launch tokens quickly.

Attack used fake message to trigger wallet approvals

The breach originated from a compromised internal account connected to the project’s infrastructure. Attackers used that access to modify the website and insert a malicious prompt.

Tom, an operator associated with the platform, warned users on X that the attacker forced a drainer onto the domain.

The fraudulent message appeared as a terms-of-service confirmation prompt on the site. Visitors who approved the request effectively signed a transaction that allowed attackers to move assets from connected wallets.

Tom clarified that the exploit affected only users who approved the malicious message during the brief period when the compromised page remained active.

“The only people affected were people who signed a fake TOS message on the bonkfun domain after the incident,” he wrote.

Users who had connected wallets to the platform before the attack did not face risk if they did not interact with the malicious prompt. Traders who interacted with tokens launched through Bonk.fun using external trading terminals also remained safe.

Some users report drained wallets

Despite the quick warning from the team, several users reported losses in replies to the platform’s announcement posts.

One user claimed that roughly 50 SOL disappeared from their wallet after interaction with the compromised site. Another user reported a loss of about 10 SOL.

In one of the most serious claims shared on X, a user wrote that a wallet lost $273,000 after connecting to the website during the incident.

The project has not published an official estimate of total losses. Tom stated that the team detected the compromise quickly and believes the financial impact remained limited.

“We understand a lot of people are scared and rightly so but we’re doing everything in our power to fix the situation,” he wrote.

Launchpad gained traction in Solana memecoin ecosystem

Bonk.fun emerged about eight months ago under the name LetsBonk.fun. The platform became popular among traders and developers interested in launching tokens on Solana.

The launchpad offers instant token deployment tools and automated liquidity provisioning through bonding curve mechanics. Users can deploy tokens with minimal technical knowledge and begin trading immediately after creation.

The platform also allocates part of its fees to buybacks and burns of the BONK token, which supports the broader ecosystem built around the memecoin.

The accessibility of such platforms contributed to a surge of experimental tokens across the Solana network during the past year.

Tom emphasized that the team intends to prioritize user protection after the breach.

“Our main priority will always be the users who have trusted us to use the platform over the last 8 months,” he wrote.

Phishing attacks remain a persistent threat

Domain hijacks and wallet-drainer schemes have become common tactics across the crypto sector. Attackers often rely on social engineering rather than technical vulnerabilities.

A compromised website can prompt users to approve transactions that grant control over wallet funds. Once the transaction receives approval, blockchain networks process the transfer automatically.

Blockchain analytics firm Chainalysis estimated that crypto-related scam losses reached about $17 billion in 2025, according to their report published on 13 January, 2026. The firm noted that scam operations have become more organized and technologically sophisticated.

Security researchers have also observed the use of artificial intelligence tools in phishing campaigns, which help attackers produce more convincing messages and fake interfaces.

The Bonk.fun incident illustrates how quickly a compromised domain can place users at risk if they sign malicious transactions. The platform continues to work on securing its infrastructure and investigating how the attacker obtained access to the team account.

The team has not announced when the website will return to full operation.

MediaTek Chip Flaw Allows Crypto Wallet Data Theft | HODL FM NEWS
Ledger researchers discovered a smartphone chip flaw that lets attackers extract PINs, decrypt storage, and steal crypto seed phrases from Android devices.
hodl-post-imageHODL FM News: The Wildest Ride in the Crypto MarketGunel Ismayilova
hodl-post-image

Disclaimer: All materials on this site are for informational purposes only. None of the material should be interpreted as investment advice. Please note that, despite the nature of much of the material created and hosted on this website, HODL FM operates as a media and informational platform, not a provider of financial advisory services. The opinions of authors and other contributors are their own and should not be taken as financial advice. If you require advice, HODL FM strongly recommends contacting a qualified industry professional.