Mon 06 Jul 2026 / 19:50 ET
Kernel
Security 3 min read

BonkDAO says governance vote sent $20 million in BONK to attackers

The Solana memecoin project said attackers used a governance proposal to move about $20 million in BONK into their own wallets.

Dana Voss

By Dana Voss / Security Correspondent

BonkDAO says governance vote sent $20 million in BONK to attackers
img: The Record

BonkDAO said Monday that attackers used its own voting machinery to take about $20 million worth of BONK, the dog-themed memecoin that runs on Solana.

The group described the incident in a post on X as a “malicious governance proposal.” In plain terms, BonkDAO said holders with enough BONK voting power pushed through a proposal that put additional coins into wallets they controlled. That is the dreary little trick with token-weighted governance: the voting system can become the attack surface.

BonkDAO said it had identified exchange wallets used to buy BONK before the proposal. Crypto news sites reported that the attackers acquired roughly $4 million worth of BONK to prepare for the vote, though BonkDAO did not give its own estimate for how much the attackers bought.

The organization said it had contacted law enforcement and was working with other parties to recover the assets and identify the people responsible. South Korean crypto exchange Upbit said it temporarily halted BONK deposits and withdrawals after the incident.

How the governance attack worked

A DAO, or decentralized autonomous organization, lets token holders vote on decisions affecting a crypto project. In this case, BonkDAO governs parts of the BONK ecosystem. Reports said BonkDAO itself held about 15 percent of the available BONK supply.

That model gives token holders a say, at least in theory. It also means voting power can be bought, borrowed, or concentrated. BonkDAO’s account of the attack says the perpetrators used a large BONK position to approve a proposal that benefited their own wallets.

This differs from the more familiar crypto theft pattern involving smart contracts. In those cases, attackers usually exploit code that automatically carries out transactions under a protocol’s rules. A governance attack abuses the decision-making process that tells the system what to do.

Governance exploitation has a history. In 2022, an attacker took about $180 million in reserves from the Beanstalk platform through a governance attack, according to previous reporting. U.S. authorities have also investigated and prosecuted smart-contract theft cases, including a $54 million theft from Uranium Finance.

Recoveries can happen, though they are far from guaranteed. In December, the Federal Trade Commission ordered Nomad to distribute $37.5 million in cryptocurrency recovered after a 2022 incident, according to prior reporting.

BONK price slips after disclosure

As of Monday afternoon Eastern time, Coinbase data showed BONK down about 7 percent. The token’s market capitalization was about $400 million.

BONK is a memecoin, which means its value is tied less to cash flows or product usage than to exchange access, market attention, and community momentum. BonkDAO’s disclosure now adds a governance failure to that mix, with law enforcement notified and at least one major exchange pausing movement of the token.

This story draws on original reporting from The Record.

More Security/

view all ↗