Hackers hijacked a Bonk.fun team account and placed a wallet drainer on the platform’s domain, exposing users to a fake terms prompt.
A security breach struck the Solana-based memecoin launchpad Bonk.fun earlier Wednesday after attackers took control of its official domain. The incident briefly exposed users to a malicious prompt designed to drain wallets. Team members warned users to avoid the website while the issue was under review. Early reports suggest the damage remained limited due to a rapid response from operators.
Bonk.fun Domain Breach Linked to Hijacked Team Account
Bonk.fun alerted its community through its official X account, warning that a malicious actor had compromised the platform’s domain. Users were advised not to interact with the website until the team secured the system.
A malicious actor has compromised the BONKfun domain, do not interact with the website until we have secured everything.
— BONK.fun (@bonkfun) March 12, 2026
Tom, known online as SolportTom and associated with the Bonk team, explained that attackers gained access to a team account. That access allowed them to place a wallet drainer on the website. According to Tom, only users who accepted a fake terms-of-service message were affected.
Losses appear limited because the team identified the breach shortly after it began. Tom stated that the group is working to resolve the issue and restore normal operations. No further updates had been posted as of 1:15 a.m. Eastern Time.
Recent Domain Attack Reflects Growing Sophistication of Crypto Phishing Scams
Bonk.fun, previously called LetsBonk.fun, plays a major role in Solana’s memecoin ecosystem. The platform allows users to create tokens instantly and trade them through bonding curves. It also adds liquidity automatically while directing part of its fees toward BONK token buybacks and burns.
Community participation remains central to the platform’s growth. Tom said the team’s priority is protecting users who have trusted the service during the past eight months.
Phishing and domain attacks continue to rise across the crypto sector. Attackers increasingly rely on social engineering rather than direct code exploits. Fake websites, impersonation attempts, and wallet drainers remain common tools.
Data from Chainalysis shows crypto scams generated roughly $17 billion in losses during 2025. Researchers noted that many fraud operations now run at a larger and more organized scale.
