Scams Radar

Bonk.fun Website Hijacked: Hackers Deploy Drainer, Users Warned to Stay Away

On March 12, 2026, the Solana-based memecoin launchpad Bonk.fun (formerly LetsBonk.fun) announced that its official domain had been compromised by hackers.

The team posted the following warning on X:

“A malicious actor has compromised the BONKfun domain, do not interact with the website until we have secured everything.”

Operator Tom (SolportTom) later clarified that attackers hijacked a team account and injected a malicious “terms-of-service” message designed to trigger a wallet drainer when users signed or interacted with it.

He emphasized that only users who signed the fake ToS were affected, and losses were described as minimal because the breach was detected and contained quickly.

As of 1:15 a.m. ET (March 12, 2026), the team stated they were actively working to regain control and restore the legitimate site.

What Happened and How It Works

  • Hackers gained control of the domain (bonk.fun) or a critical team account with access to the frontend.
  • A phishing-style drainer was embedded in a fake terms-of-service prompt.
  • Users who connected their wallet and signed the malicious message either granted unlimited token approvals or transferred funds directly to attacker addresses.
  • The attack exploits social engineering + front-end compromise rather than a smart contract exploit.

This is a classic website hijack + wallet drainer scenario — one of the most common and effective attack vectors in 2025–2026.

Background on Bonk.fun

Bonk.fun is one of the leading instant memecoin launchpads on Solana, offering:

  • One-click token deployment
  • Bonding curve trading
  • Automatic liquidity migration to Raydium
  • Fee revenue used for BONK buybacks and burns

The platform has been live for over 8 months and positions itself as community-first and accessible to non-technical users.

Tom reiterated:

“Our main priority will always be the users who have trusted us to use the platform over the last 8 months.”

Broader Context: Rising Sophistication of Crypto Scams

Chainalysis reported that total crypto scam losses reached approximately $17 billion in 2025 — driven by:

  • AI-generated phishing content
  • Advanced wallet drainers
  • Domain hijacking & front-end compromises
  • Social engineering targeting high-profile project accounts

Bonk.fun’s incident fits this trend: attackers compromise trusted infrastructure and exploit user trust rather than breaking on-chain code.

What Users Should Do Right Now

  • Do not visit bonk.fun or interact with any links claiming to be the official site until the team confirms resolution.
  • If you connected your wallet to the compromised domain after March 12, 2026 (UTC), immediately:
    1. Revoke all token approvals (use revoke.cash or similar tools)
    2. Transfer remaining assets to a new wallet
    3. Monitor for unauthorized transactions
  • Watch the official @bonk_fun X account for updates — do not trust any other channels.
  • Enable transaction simulation / approval previews in wallets like Phantom or Backpack.
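
One way to do the approval check behind steps 1 and 3 on Solana, as an added example that is not from the Bonk.fun team or the original article: it scans the token accounts returned by a `getTokenAccountsByOwner` RPC call (jsonParsed encoding) for SPL Token delegates that can still spend. The sample response and every address in it are constructed placeholders, and the risk labels are this example's own.

```python
import json

U64_MAX = 2**64 - 1  # largest amount an SPL Token approval can carry

# Constructed sample shaped like the `result.value` array of a Solana
# getTokenAccountsByOwner response (jsonParsed encoding). Every address
# below is a placeholder, not a real account.
SAMPLE_ACCOUNTS = json.loads("""
[
 {"pubkey": "TOKEN_ACCT_1", "account": {"data": {"parsed": {"info": {
   "mint": "MINT_A", "tokenAmount": {"amount": "5000000"}}}}}},
 {"pubkey": "TOKEN_ACCT_2", "account": {"data": {"parsed": {"info": {
   "mint": "MINT_B", "tokenAmount": {"amount": "120000"},
   "delegate": "UNKNOWN_DELEGATE_1",
   "delegatedAmount": {"amount": "18446744073709551615"}}}}}},
 {"pubkey": "TOKEN_ACCT_3", "account": {"data": {"parsed": {"info": {
   "mint": "MINT_C", "tokenAmount": {"amount": "900"},
   "delegate": "UNKNOWN_DELEGATE_2",
   "delegatedAmount": {"amount": "100"}}}}}}
]
""")


def audit_delegates(token_accounts):
    """Return token accounts on which another address may still spend."""
    findings = []
    for entry in token_accounts:
        info = entry["account"]["data"]["parsed"]["info"]
        delegate = info.get("delegate")  # absent when nothing is approved
        allowance = int(info.get("delegatedAmount", {}).get("amount", "0"))
        if not delegate or allowance == 0:
            continue
        balance = int(info["tokenAmount"]["amount"])
        if allowance == U64_MAX:
            risk = "unlimited"
        elif allowance >= balance:
            risk = "full-balance"
        else:
            risk = "partial"
        findings.append({"account": entry["pubkey"], "mint": info["mint"],
                         "delegate": delegate, "allowance": allowance,
                         "risk": risk})
    # Most dangerous first: unlimited, then full-balance, then partial.
    order = {"unlimited": 0, "full-balance": 1, "partial": 2}
    return sorted(findings, key=lambda f: order[f["risk"]])


if __name__ == "__main__":
    for f in audit_delegates(SAMPLE_ACCOUNTS):
        print(f"{f['risk']:>12}  {f['account']}  delegate={f['delegate']}")
```

An empty result only rules out lingering approvals: funds sent directly to an attacker by a signed transaction leave no delegate behind, which is why moving remaining assets to a new wallet is still on the list.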

Quick Takeaway

Bonk.fun suffered a front-end/domain compromise leading to a targeted wallet drainer attack via a fake ToS prompt. Losses appear limited due to fast detection, but the incident is another reminder of how dangerous it can be to interact with even well-known crypto websites without extreme caution in 2026.
