HomeEverythingEducation
Equities & FundsCrypto & Digital AssetsAI & TechnologyBusiness & CorporateUS Politics & PolicyGeopolitics & Global RiskMacro, Rates & FXCommodities & EnergyEuropean Politics & MarketsAsia-PacificReal Estate & Property
← All Stories

BonkDAO Loses $21M to Governance Exploit, Not Hack

Created at 7 Jul · 10:10 PM1 source↑ Market-relevant
IN SHORT

An attacker exploited a low quorum on BonkDAO's governance system, using $4.4 million in BONK tokens to vote for a proposal that transferred $21.2 million from the treasury to their wallet. The exploit highlights a failure in community oversight rather than a technical security breach.

✉Newsletter

PiQ Daily

Pick your topics. Get only what matters, on your cadence.

Key Numbers

$21.2 millionstolen from BonkDAO treasury
$4.4 millionused to purchase BONK tokens for voting
4.426 trillionBONK tokens transferred to attacker
882.285 billionBONK tokens purchased to meet quorum
6.59%BONK price drop
$40 millionmarket cap lost

Who's Involved

BonkDAO
Decentralized autonomous organization whose treasury was exploited
Attacker
Individual who exploited BonkDAO's governance process
Solana Foundation
Notified entity regarding the exploit

↳ Why This Matters

This exploit underscores the fragility of decentralized autonomous organization (DAO) governance when community participation is low, demonstrating how a lack of oversight can be exploited to drain treasury funds without any technical hacking.

Key facts

  • An attacker stole $21.2 million from the BonkDAO treasury.
  • The exploit involved purchasing BONK tokens to meet governance quorum, not a technical hack.
  • The attacker proposed and voted for a proposal that moved treasury funds to their wallet.
  • A lack of community participation in governance allowed the proposal to pass.
  • BONK's price fell approximately 6.59% following the news.

An attacker has successfully siphoned $21.2 million from the BonkDAO treasury through a governance exploit, rather than a traditional hack. The individual purchased BONK tokens for approximately $4.4 million, enough to meet the quorum threshold for a governance proposal.

The proposal, known as BIP #76, Sowellian BonkDAO, was presented on the governance forum but reportedly went unchecked by the community for seven days. The attacker then used their acquired tokens to vote in favor of the proposal, which automatically executed the transfer of 4.426 trillion BONK tokens to their wallet.

This incident highlights a critical vulnerability in decentralized governance where low community participation can be exploited. The attacker leveraged the democratic process itself to drain the treasury, turning their $4.4 million investment into $21.2 million. No technical security breach occurred; the exploit succeeded due to a lack of oversight and engagement from token holders.

Following the news, the price of BONK experienced a decline of approximately 6.59%, with its market capitalization decreasing by around $40 million. Some cryptocurrency exchanges temporarily halted BONK withdrawals as the situation unfolded. BonkDAO has since identified the attacker's wallets, alerted exchanges and bridges, and informed law enforcement, though recovering the funds is expected to be challenging due to the on-chain and automatic nature of the transaction.

Frequently asked questions

The attacker exploited BonkDAO's governance system by purchasing enough BONK tokens to meet the quorum for a proposal, which they then voted for, triggering an automatic transfer of treasury funds to their wallet.

No, the incident was not a hack. It was a governance exploit where the attacker used the DAO's own voting mechanism to move funds.

The attacker stole approximately $21.2 million worth of BONK tokens from the BonkDAO treasury.

BONK's price dropped by approximately 6.59% after the news of the exploit spread, and its market cap lost about $40 million.

What Happens Next

01BonkDAO is working to recover the stolen funds.
02Law enforcement has been notified regarding the exploit.

Get the newsletter.

Pick the topics you actually care about. We'll email when there's news worth your time, on the cadence you choose. Cancel any time from your account.

Cadence

How It Developed

An attacker acquired 882.285 billion BONK tokens to meet quorum for a governance proposal.
The attacker proposed BIP #76, Sowellian BonkDAO, which was not thoroughly reviewed by the community.
The attacker voted for the proposal with their BONK tokens, triggering an automatic transfer of 4.426 trillion BONK to their wallet.
The BonkDAO treasury lost $21.2 million in value due to the executed proposal.
BONK's price dropped approximately 6.59%, with its market cap losing about $40 million.
Some exchanges halted BONK withdrawals following the news.
BonkDAO has identified the attacker's wallets and notified exchanges, bridges, the Solana Foundation, and law enforcement.

Sources

T1
Someone Stole $21M From BonkDAO Without Hacking AnythingCoinGape

Related Stories

Trader loses $2M in DeFi exploit via low-liquidity pool
7 Jul · 6:05 AM
Ctrl Wallet to shut down services after security exploit
7 Jul · 11:05 AM
MicroStrategy Sells Bitcoin for First Time, Becomes Net Seller
7 Jul · 12:30 PM
Ripple secures EU MiCA license; Strategy sells Bitcoin; wallet vulnerability disclosed
7 Jul · 4:10 AM
Traders Sue Polymarket Over Bitcoin Sale Ruling
7 Jul · 11:41 AM