Bonk.fun’s official website was briefly hijacked Wednesday, exposing users to a wallet-draining exploit. The incident highlights persistent security risks in fast-growing memecoin launch platforms across the Solana ecosystem.
The platform confirmed the breach through its official X account. According to operators, a malicious actor gained control of the Bonk.fun domain and inserted a fraudulent terms-of-service prompt designed to trigger wallet drainers. Only users who interacted with the fake message were affected.
Tom, known online as SolportTom and linked to the Bonk project, said hackers compromised a team account that enabled control of the website domain. The team identified the breach quickly and warned users to avoid interacting with the platform while remediation efforts continued.
Are Domain Hijacks Becoming Crypto’s Weakest Security Link?
The incident reflects a broader shift in crypto attacks toward social engineering rather than direct protocol vulnerabilities. Platforms built around easy token launches and simplified wallet connections often prioritize accessibility, creating attractive targets for phishing campaigns.
Bonk gained traction in the Solana ecosystem through tools enabling instant token deployment and real-time trading through bonding curves. The platform also directs a portion of fees toward token buybacks and burns designed to support the BONK token’s market activity.
But phishing operations across the sector are growing more coordinated. According to Chainalysis, crypto scam losses reached roughly $17 billion in 2025 as organized groups expanded tactics including domain hijacking, impersonation campaigns, and automated wallet drainers.
Chainalysis Team
“We understand a lot of people are scared and rightly so,” Tom wrote in a post addressing users after the breach surfaced.
He added the team is working to secure the domain and restore full platform functionality.
Operators said financial losses appear limited because the exploit was discovered shortly after deployment. Still, even short-lived domain compromises can undermine trust in platforms designed for rapid user onboarding.
The next key signal will come from Bonk’s technical response, including potential security upgrades or authentication changes aimed at preventing similar domain-level attacks across the Solana memecoin launch ecosystem.
