Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
BONKfun announced on X that its official website fell victim to a malicious social engineering attack on March 11. The attacker hijacked the BONKfun domain via the Domain Name Service (DNS) provider and transferred it to an external registrar. The team confirmed that the incident was not caused by a breach of BONK or BONKfun’s internal systems, codebases, or team accounts. Following the incident, the team took immediate action: shutting down the website, coordinating with wallet service providers to flag the domain as malicious, and containing the impact on users. The attack resulted in approximately $30,000 in customer losses; the team will compensate affected users at 110% to cover potential opportunity costs. Control over the BONKfun domain and registration was fully restored around 5 PM ET on March 18. Major wallet provider functionalities were restored by the evening of March 19, and the website is now securely back online. As some antivirus software still flags the main domain as a risk, the team is actively addressing the issue. For users unable to access the official site due to antivirus blocks, a backup domain with identical functionality is now live and available for use. Attack method (per SlowMist): Social Engineering Attack➕Domain Hijacking➕Phishing. Reported loss: $ 30,000.
- chain
- —
- protocol
- BONKfun
- bug_class
- infrastructure
- date_occurred
- 2026-03-11
- loss_usd
- $30,000
- source_id
- sm:bonkfun::2026-03-11