TLDR
- BONK DAO lost about $20 million after a malicious governance proposal passed through token-holder voting.
- The attacker spent about $4.4 million buying BONK to secure enough voting power for the proposal.
- The proposal passed with only seven wallets participating despite more than 18,000 eligible DAO members.
- The governance system automatically transferred roughly $20 million in BONK to the attacker’s wallet after approval.
- BONK DAO confirmed the attack and is working with exchanges, bridges, and the Solana Foundation on the response.
BONK lost about $20 million after an attacker gained enough voting power to approve a treasury transfer. The attacker spent about $4.4 million acquiring governance tokens before executing the proposal. Meanwhile, the incident exposed weaknesses in decentralized governance systems that rely on token-based voting.
BONK DAO’s $20 million loss saw the attacker put millions of dollars on the line. Our investigation maps out the financial coordination behind today’s governance attack, from the days-long BONK spree that preceded it to the liquidation rush that followed. 🧵 pic.twitter.com/yvjRxxV0zZ
— Chainalysis (@chainalysis) July 7, 2026
Attacker Used Governance Vote to Drain BONK Treasury
The attack started on June 30 after an anonymous wallet submitted a treasury transfer proposal. The proposal requested 4.43 trillion BONK tokens for a wallet controlled by the proposer. Meanwhile, the vote required support equal to 1% of the token supply.
Over July 4 and July 5, another wallet accumulated enough BONK to satisfy the voting threshold. The wallet reportedly spent about $4.4 million through Binance and Bybit purchases. Lookonchain also reported that the buyer borrowed additional funds through decentralized lending platforms.
Someone spent $4.4M to steal $21.2M from the #BONK treasury, making a profit of $16.8M.
How did it happen?👇
➡️ On June 30, the attacker submitted a governance proposal to transfer 4.426T $BONK($21.2M) from the treasury to a wallet he controlled (9bxW…JHvQ).… pic.twitter.com/VElnDuazki
— Lookonchain (@lookonchain) July 7, 2026
The proposal carried the title “BIP #76 – Sowellian BonkDAO” and reached the required quorum. Only seven wallets participated despite more than 18,000 eligible members. The proposal secured 882.38 billion votes, narrowly exceeding the 879.95 billion requirement.
Treasury Transfer Executed Automatically After Proposal Approval
After meeting the threshold, the attacker voted with the entire acquired BONK balance. The governance system automatically approved the treasury transfer after the vote passed. Shortly afterward, about $20 million worth of BONK moved into the attacker’s wallet.
BonkDAO was the target of a malicious governance proposal resulting in an estimated $20M worth of BONK tokens being drained from the BonkDAO treasury.
During the investigation, BonkDAO identified the exchange wallets used to purchase BONK ahead of the proposal. BonkDAO is…
— BONK!!! (@bonk_inu) July 6, 2026
Chainalysis reported that the attacker later transferred about $188,000 to a cryptocurrency exchange. The remaining funds moved into a multisignature wallet requiring several approvals. Meanwhile, the attacker sold roughly $5.3 million worth of purchased BONK after completing the operation.
The proposal included statements promising to “rebuild from the ashes” and “stop the bleeding.” It also claimed that “all YES voters are eligible to receive tokens.” However, the proposal mainly authorized the treasury transfer to the attacker’s wallet.
BONK DAO Responds as Governance Security Faces Renewed Scrutiny
BONK DAO confirmed the incident and described the proposal as malicious. The organization said it identified exchange wallets involved before the governance vote. It also said teams continue working with exchanges, bridges, and the Solana Foundation.
The incident renewed debate over governance systems that depend entirely on token ownership. Some observers argued the attacker only used existing protocol rules. However, BONK DAO, Chainalysis, and other analysts classified the incident as an attack.
The attack also highlighted the risks of temporary voting control over large treasuries. BONK fell about 7% during the past 24 hours following the incident. The event showed that governance security remains as important as treasury value across decentralized organizations.







