On March 12, it was reported that Bonk.fun, a meme coin issuance platform based on the Solana ecosystem, experienced a security incident earlier this Wednesday. Its official website domain was compromised by attackers, and some users experienced fund theft after interacting with the site. The platform subsequently issued a warning through its official social media accounts, advising users not to visit or operate the site temporarily to avoid further risks.
The platform operators stated that the attackers successfully infiltrated the BONKfun domain and embedded malicious content on the page. The team is urgently taking measures to regain control and has suspended all related interactions until safety is confirmed. Bonk operator Tom previously revealed that hackers gained access by hijacking the team’s account, enabling them to steal funds.
According to Tom, the main victims are users who signed false service terms on the website. These forged terms trick users into authorizing transactions or signing, allowing attackers to gain control of their wallets. The team said that because the vulnerability was discovered early, the amount of funds lost in this attack is relatively limited.
The Bonk team emphasized that they understand the community’s concerns following the incident and are working to address security issues, including redeploying domain control and strengthening account security. As of 1:15 a.m. Eastern Time, the official has not released further technical details or a full loss estimate.
The platform was originally called LetsBonk.fun and quickly gained attention in the Solana meme coin ecosystem due to its rapid token issuance tools, binding curve trading mechanism, and automatic liquidity deployment features. The platform allows users to create tokens and trade instantly, with part of the transaction fees supporting the buyback and burn mechanism of the BONK token.
It is worth noting that with the development of AI tools and the upgrade of cyberattack techniques, phishing and domain hijacking incidents in the crypto industry are increasing. Attackers are increasingly exploiting user trust rather than relying solely on technical vulnerabilities, using identity impersonation, social engineering, or malicious links to induce users to sign transaction authorizations.
Blockchain analysis firm Chainalysis previously predicted that by 2025, total losses from crypto scams could reach approximately $17 billion. The report pointed out that large-scale scam activities are gradually becoming “industrialized,” with attack tools, fund transfers, and money laundering processes becoming more professional, which also requires ordinary users to be more vigilant when using decentralized applications. (The Block)
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
