On July 6, 2026, BONK DAO revealed that an anonymous attacker drained approximately $20 million in BONK tokens from its treasury. The attacker achieved this by acquiring sufficient voting power to pass a harmful governance proposal instead of exploiting a smart contract vulnerability.
Importance of the Incident
This incident highlights significant vulnerabilities within decentralized autonomous organizations (DAOs) and the potential consequences for token holders. As governance structures become more complex, understanding these risks is essential for participants.
- Approximate value drained: $20 million
- BONK tokens transferred: 4.426 trillion
- Voting participation rate: 2.9%
- Quorum requirement: 1%
The problematic proposal, titled “BIP #76 Sowellian BonkDAO,” was submitted on June 30. It ostensibly aimed to reform governance, add new council members, and ensure the security of holdings. However, it concealed instructions that redirected a significant portion of the total supply of BONK tokens to the attacker's wallet.
Between July 4 and July 5, a separate wallet acquired between $4 million and $4.4 million worth of BONK on exchanges Binance and Bybit, amassing enough tokens to clear the DAO's quorum for voting, and the proposal ultimately passed with only seven wallets voting in favor.
Following the approval, the tokens were swiftly transferred to the attacker's wallet within 49 seconds. By the afternoon of the same day, the stolen tokens were moved again, and the promised voter rewards were never distributed. Immediate repercussions saw BONK’s price fall by 10% to 18%, prompting exchanges like Upbit and Kraken to halt deposits and withdrawals of BONK.
Future Implications
BONK DAO has notified law enforcement and is collaborating with the Solana Foundation, as well as exchanges, to pursue the recovery of stolen assets. However, historical cases highlight the challenges in recovering funds lost to governance attacks. The event serves as a crucial reminder to holders of governance tokens to verify their protocols' security measures, such as timelocks and quorum thresholds.
Events like these could reshape the landscape of governance in DeFi and the mechanisms through which users engage in decision-making processes. Monitoring changes and adaptations in DAOs will be vital for ensuring user security moving forward.
This material is for informational purposes only and does not constitute financial advice.



