- Hackers hijacked Bonk.fun domain and deployed wallet drainer through fake terms.
- Bonk team detected breach quickly, limiting damage from malicious website exploit.
- Crypto phishing attacks grow as scammers exploit trusted platforms and users.
Users of the Solana memecoin launchpad Bonk.fun faced a sudden security scare after attackers briefly seized control of the platform’s official website and used that access to deploy a malicious wallet drainer through a deceptive terms of service prompt presented to visitors.
The warning surfaced early Wednesday after unusual activity appeared on the Bonk.fun domain, prompting the project team to alert users through its official X account while advising the community not to interact with the website until engineers completed security checks.
Reports circulating within the crypto community indicated that suspicious activity appeared on the domain without warning, which quickly raised concerns among users who regularly rely on the launchpad to create and trade memecoins within the Solana ecosystem.
Fake Terms Page Used to Deploy Wallet Drainer
The malicious activity involved a fake terms message that appeared legitimate to visitors browsing the site, creating a trap where anyone who accepted the prompt unknowingly triggered a wallet-draining mechanism designed to extract digital assets from connected wallets.
According to X user Tom, widely known as SolportTom and recognized as the operator behind Bonk, attackers managed to hijack a team account, which then allowed them to place the malicious drainer directly on the platform’s domain.
Also Read: Bitcoin Maxi Calls XRP ‘a Bank Wearing a Hoodie’ – Here’s Why
Tom clarified that the exploit only targeted individuals who accepted the fraudulent terms message during the brief period when the website remained compromised. The Bonk operator explained that the losses from the attack remained limited because the team detected the security breach soon after it began affecting the website.
Developers quickly worked to secure access to the domain while removing the malicious script placed by the attackers. Tom also acknowledged that many users felt concerned after hearing about the exploit, while reassuring the community that engineers were actively working to stabilize the platform and prevent additional damage. He emphasized that the team continued monitoring the website infrastructure carefully while restoring full control of the domain.
Platform Breach Highlights Rising Phishing Threats in Crypto
Bonk.fun, previously known as LetsBonk.fun, has grown rapidly within the Solana ecosystem by offering a platform that allows users to deploy memecoins instantly while enabling real-time trading through bonding curve mechanics that automatically supply liquidity.
The launchpad also directs part of its platform fees toward buybacks and token burns of BONK, a structure designed to support the broader ecosystem surrounding the memecoin project.
However, the recent breach highlights how attackers increasingly rely on phishing tactics that exploit user trust rather than weaknesses within blockchain networks. Domain hijacking combined with deceptive prompts allows malicious actors to transform legitimate websites into tools for wallet-draining attacks.
Industry research indicates that crypto scams continue expanding across the sector, with blockchain analytics firm Chainalysis estimating that total scam losses reached roughly $17 billion during 2025 as fraud operations became more organized and industrialized.
Meanwhile, the Bonk team continues monitoring the platform closely while focusing on restoring full security to the website and reassuring users that protecting the community remains a top priority.
The Bonk.fun breach demonstrates how phishing attacks continue evolving across the crypto industry, where compromised domains and deceptive prompts can expose users to wallet draining exploits even when underlying blockchain systems remain secure.
Also Read: Brian Armstrong Rejects Claims Coinbase Opposed Bitcoin Tax Exemption
