There is no code to use. No private key has been compromised. There is no fake link. And yet BonkDAO says hackers stole nearly $20 million from BONK through a malicious hack targeting its Solana assets.
The attacker didn’t break the rules – he bought them.
What happened to BONK DAO?
$BONK is a Solana-based memecoin, and BONK DAO is the community behind it. Those with tokens vote on the proposals, and when the vote passes, it is automatic. This design is the one with the tools.
The follow-up began on June 30, when an unknown wallet proposed to transfer the Treasury’s assets to a wallet that it manages. That idea was called “BIP #76 – Sowellian BonkDAO,” and it seemed more like a noise than a plot: it wanted to “establish the Sowellian regime, install new members and the council, rebuild the ashes, make money, and stop the bleeding,” and promised that all those who deserve BONK will receive it.
Buried under the advertising language was the only line that mattered – instructions to transfer approximately 4.4 trillion BONK directly to the attacker’s wallet.
How did the attacker give the false impression?
This is the part that should keep any DAO up at night. The proposal requires a “yes” vote equal to 1% of the BONK to pass the vote. So the attacker just went shopping. On July 4 and 5, another wallet got exactly the same amount, spending about $4.4 million to buy BONK on exchange Bybit and Binance.
By the time the polls came, the numbers were close to surgery. The proposal passed with only seven wallets voting, against more than 18,000 members who did not – a 2.9% turnout. It ended the quorum with a lower limit, 882.38 billion BONK in favor of a limit of 879.95 billion, almost exactly the amount the attacker spent days collecting.
What’s next? The 99.9% “yes” result was one self-identified voter. The DAO then did what it was built to do – it just transferred, and about $20 million in BONK left the vault and went into the attacker’s wallet.
Bonk DAO Attack: Where did the money go?
Stolen signs he still didn’t stick. More than 4.4 trillion BONK – which was about $ 19.3 million at the time of the transfer – left the state of the economy to the final address “JHvQ,” which was identified through Solscan as having been supported by the Bybit account. By 3:30 pm ET that same day, the signs had been moved again, this time to a different Solana address ending in “eh42.”
The promised voting awards did not materialize. These tokens were never distributed – instead they were transferred to a secondary address afterwards, a strategy similar to an attacker trying to hide the path instead of honoring any commitment in the community. Security company PeckShield later announced that the stolen $148,000 BONK had already moved to OKX.
Was Bonk DAO Hacked?
Technically, no – and that’s the fun part. The attacker did not exploit the flaw in any smart contract. The main problem was the structure of the administration, not the law. Each part was valid, valid on the chain.
With no time limit, minimum quorum, or background checks to catch surprising ideas before they are executed, a high-income attacker was able to turn $4 million into control of a $20 million fortune. The shutdown would have forced a delay between approval and execution, giving the community a window to see the drain. Multisig scaling would have stopped it in the event of an accident. BONK DAO had nothing.
This has reopened an old debate. Because each step was legal, some observers argue that the attacker simply used a weak control system instead of an intrusion.
What is BONK DAO doing about this?
BonkDAO has notified law enforcement and is working with the Solana Foundation, central exchanges, and network bridges to raise funds. It said it had identified wallets used to buy tokens ahead of the vote – and the legal implications are clear that the DAO sees this as an attack, not a strategy.
However, recovery is a big challenge. Control-of-control attacks are more difficult to reverse because they pass through standard protocol systems.
What happened to the price of BONK?
The response from the market was surprisingly high. BONK prices have dropped nearly 7% in the past 24 hours following the attack. Exchanges moved quickly – South Korean exchange Upbit and American exchange Kraken both suspended deposits and removed the BONK token, Upbit citing “measures to protect users following security incidents.”






