BTC/USD $68,420 +2.8%
ETH/USD $3,540 +1.4%
SOL/USD $142.80 -0.6%
BNB/USD $605.20 +0.9%
XRP/USD $0.62 -1.2%
DOGE/USD $0.18 +5.4%
BTC/USD $68,420 +2.8%
ETH/USD $3,540 +1.4%
SOL/USD $142.80 -0.6%
BNB/USD $605.20 +0.9%
XRP/USD $0.62 -1.2%
DOGE/USD $0.18 +5.4%
DeFi

Attacker Drains $20M From BonkDAO Treasury Through Token-Weighted Exploit

BonkDAO (Decentralized Autonomous Organization) has reported that it was recently the victim of a $20 million drain via a decentralized governance exploit. BonkDAO suffers $20M theft Accordin

AnonymousCryptoCompass newsroom
July 7, 2026
2 min read
NEWS
Attacker Drains $20M From BonkDAO Treasury Through Token-Weighted Exploit
CryptoCompass editorial visual for defi coverage.

BonkDAO (Decentralized Autonomous Organization) has reported that it was recently the victim of a $20 million drain via a decentralized governance exploit.

BonkDAO suffers $20M theft

According to the organization, the attacker first purchased $4 million worth of BONK tokens from several exchanges to gain sufficient voting power. They then used this to single-handedly pass a malicious proposal, resulting in the transfer of 4.426 billion BONK tokens (about $20 million at the time) from the BonkDAO treasury to their controlled wallet. The attacker also renamed the DAO to “Sowellian BonkDAO”.

BonkDAO token exploit followed on solscan.io

Source: solscan.io

As seen on solscan.io, the siphoner has already started moving these tokens towards exchanges. This has heightened selling pressure, with BONK dropping 7.25% over the last 24 hours to $0.0544. Just two days ago, BONK was among the trending meme coins boasting a 14% rally in a day amid a broader market downturn.

BonkDAO now says it is working wth bridges, exchanges, the Solana Foundation, and law enforcement to track the funds and eventually freeze or recover them.

https://x.com/bonk_inu/status/2074191403781906800

Crypto exploits in July

The brute-force capital approach was successful because the DAO lacked several safety measures. Among them are execution-time locks, which enforce a delay between the approval of an action and its actual execution, so that the community, developers, and researchers can note any oddities. Another is mandatory multisig override, which employs a highly secure multisig wallet to temporarily bypass execution time locks in the event of an emergency, such as a hack. 

The latest incident follows the March hijacking of bonk.fun domain – one of Solana’s meme coin launch pads. At the time, attackers swapped the “accept Terms of Service” prompt with a malicious script that drained all wallets connected to the site. Nonetheless, the attack was short-lived and damage minimal – attackers drained up to 50 Solana (SOL) tokens from each of the 35 affected wallets.

Just hours before today’s incident, blockchain security firm Blockaid flagged an active $6 million exploit targeting the DeFi yield protocol Summer.fi.