BONK faces $20 million treasury drain after attacker spends $4 million to pass malicious proposal
MarketsBONK faces $20 million treasury drain after attacker spends $4 million to pass malicious proposalThe attacker bought enough of the memecoin's tokens to pass a governance proposal that sent the group's holdings to a wallet they controlled, then began selling.By Shaurya Malw

MarketsBONK faces $20 million treasury drain after attacker spends $4 million to pass malicious proposalThe attacker bought enough of the memecoin's tokens to pass a governance proposal that sent the group's holdings to a wallet they controlled, then began selling.By Shaurya Malwa Jul 7, 2026, 5:40 a.m.
3 min readMake preferred on ShareShare this articleCopy linkX iconX (Twitter)LinkedInFacebookEmailMake preferred on SummaryShowAn attacker used BONK DAO’s onchain governance system to pass a proposal that automatically drained about $20 million in BONK tokens from the project’s treasury.By spending roughly $4.4 million to buy just over 1 percent of BONK’s supply, the attacker met the quorum threshold, effectively becoming a single decisive voter in a low-turnout ballot that passed with 99.
9 percent “yes” votes.The incident underscores how token-based governance can leave treasuries vulnerable when a temporary voting majority can be cheaply bought, reigniting debate over whether such actions are theft or merely exploitation of flawed rules.Onchain governance was heralded a few years ago as the future of how communities run themselves.
But a multimillion attack on the memecoin BONK shows the cost of putting a treasury at the mercy of a public vote anyone can buy their way into.BONK DAO was drained of $20 million late Monday, the culmination of a week-long scheme in which an opportunistic attacker spent about $4.4 million buying up the project's bonk tokens to force through a vote.
Every step was a legitimate transaction — such as the buying, the vote, the payout — and together they carried out a theft.BONK is a Solana-based memecoin, and BONK DAO is the decentralized autonomous organization that governs it, a structure where token holders vote on proposals rather than a company making decisions. Anyone holding enough tokens can propose a change and, if a vote passes, have it execute automatically onchain.
That design was the specific weapon used in this attack.The sequence began on June 30, when an anonymous wallet submitted a proposal to transfer the treasury's holdings to a wallet it controlled, per Chainalysis. To pass, the proposal needed yes votes equal to 1% of BONK's supply, the quorum, or minimum participation, required for it to take effect.
Over July 4 and 5, a separate wallet acquired exactly that much, spending about $4.4 million to buy BONK on the exchanges Bybit and Binance and, by one account, borrowing more through DeFi lending platforms, according to Lookonchain.Titled "BIP #76 - Sowellian BonkDAO," the proposal passed with just seven wallets voting, against more than 18,000 members who did not, a turnout of 2.
9%. It cleared quorum by the narrowest margin, 882.38 billion BONK in favor against a 879.
95 billion threshold, almost exactly the stake the attacker had spent days assembling. The 99.9% "yes" result was effectively a single voter agreeing with itself.
Its written pitch read less like a governance motion than a boast, promising to "rebuild from the ashes, monetize holdings, stop the bleeding," with a line noting that "all YES voters are eligible to receive tokens." Beneath it sat the only instruction that should have turned heads - a transfer of 4.43 trillion BONK to the attacker's wallet.
By July 6 the voter held just enough. It cast its entire stake in favor, the proposal passed, and about $20 million in BONK automatically moved out of the treasury into the attacker's wallet. Nine hours later, roughly $188,000 was sent to an exchange, likely to cash out, while the remaining $19 million went to a multisig wallet, one requiring multiple approvals to move funds, Chainalysis said.
Just over an hour after the drain, the attacker began selling the BONK it had bought for the attack, offloading about $5.3 million worth. It kept the treasury tokens but not the stake it had assembled to seize them.
BONK DAO has since confirmed the attack, describing it as a malicious governance proposal that drained an estimated $20 million from its treasury. It said it had identified the exchange wallets used to buy tokens ahead of the vote and was working with exchanges, bridges and the Solana Foundation to manage the fallout. The attack has revived an old argument about whether this kind of thing is theft or a fair use of the rules.
Because every step was a valid transaction, some onchain observers argued the attacker simply exploited a weak governance design rather than breaking in. BONK DAO and the analytics firms treat it as an attack, and the involvement of law enforcement reflects that. Either way, the mechanism is the lesson.
A treasury that can be drained by whoever assembles a temporary voting majority is only as secure as the cost of buying that majority, and here that cost was far less than the prize.Latest Crypto News 1XRP stalls near $1.14 as breakout attempt struggles for volume1 hour ago2Bitcoin drops after a run at $64,000, shrugging off Strategy's $213 million BTC sale1 hour ago3Bitcoin's U.
S. re
Đọc thêm từ Tài chính


Pulsar Helium Investor Webinar Via Investor Meet Company
THIS ANNOUNCEMENT AND THE INFORMATION CONTAINED HEREIN IS RESTRICTED AND IS NOT FOR RELEASE, PUBLICATION OR DISTRIBUTION, IN WHOLE OR IN PART, DIRECTLY OR INDIRECTLY, IN, INTO OR FROM AUSTRALIA, JAPAN OR THE REPUBLIC OF SOUTH AFRICA OR TO BE TRANSMITTED, DISTRIBUTED TO, OR SENT B
Shell second quarter 2026 update note
The following is an update to the second quarter 2026 outlook and gives an overview of our current expectations for the second quarter. Outlooks presented may vary from the actual second quarter 2026 results and are subject to finalisation of those results, which are scheduled to