TLDR
- An attacker spent $4.4 million buying BONK tokens to pass a fake governance proposal
- The proposal automatically transferred $20 million from the BONK DAO treasury to the attacker’s wallet
- Only 7 wallets voted yes, with over 18,000 members not participating
- BONK price dropped 7% in 24 hours following the attack
- BonkDAO has contacted law enforcement and is working with exchanges and the Solana Foundation
An attacker drained $20 million from the BONK DAO treasury on July 6 using the project’s own governance system. The scheme began on June 30 when an anonymous wallet submitted a proposal to transfer the treasury’s holdings to a wallet it controlled.
Someone spent $4.4M to steal $21.2M from the #BONK treasury, making a profit of $16.8M.
How did it happen?👇
➡️ On June 30, the attacker submitted a governance proposal to transfer 4.426T $BONK($21.2M) from the treasury to a wallet he controlled (9bxW…JHvQ).… pic.twitter.com/VElnDuazki
— Lookonchain (@lookonchain) July 7, 2026
To pass, the proposal needed yes votes equal to 1% of BONK’s total supply. Over July 4 and 5, the attacker bought exactly that amount, spending around $4.4 million on exchanges Bybit and Binance, and borrowing more through DeFi lending platforms.
The proposal, titled “BIP #76 – Sowellian BonkDAO,” passed with just seven wallets voting in favor. More than 18,000 members did not vote. Turnout was 2.9%, and the proposal cleared the quorum threshold by the narrowest margin possible.
The result was effectively one voter agreeing with itself. The written pitch promised to “rebuild from the ashes, monetize holdings, stop the bleeding.” Buried in the text was a single instruction to transfer 4.43 trillion BONK to the attacker’s wallet.
Once the vote passed, the transfer executed automatically. About $20 million in BONK moved out of the treasury and into the attacker’s wallet without any human approval needed.
What Happened to the Funds
Nine hours after the drain, roughly $188,000 was sent to an exchange, likely to cash out. The remaining $19 million was moved to a multisig wallet, which requires multiple approvals before funds can move again, according to Chainalysis.
About an hour after the drain, the attacker started selling the BONK tokens they had bought to fund the attack. They offloaded around $5.3 million worth. The stolen treasury tokens were kept separate.
BONK DAO has since confirmed the attack. The project said it identified exchange wallets used to buy tokens before the vote. It is now working with exchanges, crypto bridges, and the Solana Foundation to manage the fallout.
Law enforcement has been notified. The project said it is working to “recover funds and identify those responsible.”
Broader Context
BONK launched in December 2022 on Solana and is one of several dog-themed memecoins alongside Dogecoin and Shiba Inu. The attack comes as the total market cap of top memecoins sits at around $25.3 billion, down more than 54% over the past 12 months.
The incident has sparked debate about whether the attacker exploited a weak system or committed theft. Every step was a valid transaction. BONK DAO and analytics firms are treating it as an attack.
The key takeaway is simple: any treasury that can be moved by a temporary voting majority is only as secure as the cost of buying that majority. Here, the attacker spent $4.4 million to take $20 million.







