Quick Overview
- Hackers successfully hijacked the Bonk.fun domain and deployed wallet-draining malware on the platform
- Victims were limited to users who approved a fraudulent terms-of-service prompt following the security breach
- Previous wallet connections and transactions through external terminals remained secure
- The service, originally named LetsBONK, debuted in April 2025
- By late 2025, Bonk.fun’s dominance had plummeted from 84% market control to merely 7%
On March 12, Bonk.fun—a Solana-based meme coin launchpad supported by Raydium and the BONK token—issued an urgent warning advising users to stay away from its website following a domain hijacking incident where attackers deployed wallet-draining software.
The platform’s administrator, identified as Tom, revealed the security compromise on X through his handle @SolportTom. He instructed the community to refrain from accessing the site pending resolution. The official Bonk X account subsequently verified this advisory.
According to Tom, the attack exclusively impacted users who approved a fraudulent terms-of-service notification on the compromised domain following the breach. Previously established connections and transactions executed via external terminals remained unaffected by the attack.
An investigation into the incident is currently underway. While the team hasn’t revealed specific financial losses, Tom indicated the breach was detected rapidly and that swift community responses helped minimize the impact.
“We’re doing everything in our power to fix the situation,” Tom stated, emphasizing that users who’ve relied on the platform throughout the past eight months remain their top concern.
Launched in April 2025 through a collaboration between the BONK community and Raydium, Bonk.fun enables users to create tokens on Solana without programming knowledge, utilizing dynamic logarithmic bonding curves. The platform initially operated under the LetsBONK name.
From Market Leader to Minor Player
Following its debut, the platform quickly surpassed Pump.fun to capture a commanding 84% share of Solana’s launchpad sector by mid-2025. However, this dominance proved temporary.
According to Dune analytics, Bonk.fun’s market position had collapsed to a mere 7% by year-end 2025. Monthly revenue plummeted to approximately $84,000, while Pump.fun generated over $720,000 during the same timeframe.
The downturn resulted from unsustainable reward structures and a declining rate of successful token deployments. Pump.fun countered by implementing significant buyback programs, acquiring Kolscan, and enhancing its infrastructure capabilities.
In early 2026, Bonk.fun eliminated creator fees entirely in an effort to recapture users. This strategy produced a brief revenue surge toward the conclusion of January 2026.
Recovery Efforts Faltered Prior to Security Incident
The resurgence proved short-lived. Pump.fun introduced new user incentives and recaptured more than 70% market share by February 2026.
This attack reflects a wider trend throughout the cryptocurrency sector. Phishing schemes that deceive users into authorizing malicious transactions on compromised domains have been escalating. Throughout 2025, fraudulent proceeds from such operations approached $17 billion.
The Bonk.fun development team has strongly advised all users to cease any interaction with the website until they can verify the platform’s security has been restored.
At the time of publication, no specific monetary loss figure resulting from the breach has been disclosed publicly.
