BONK.fun relaunches after domain hijack, confirms $30K in losses

ambcryptoPublicado em 2026-03-20Última atualização em 2026-03-20

Resumo

BONK.fun has restored its website following a domain hijack incident that resulted in approximately $30,000 in user losses. The breach, caused by a social engineering attack targeting its domain service provider, led to an unauthorized domain transfer. The attackers did not compromise BONK.fun’s internal systems or codebase. A phishing interface was deployed, tricking users into signing malicious transactions. The team will reimburse affected users at 110% of their losses. Full functionality was restored by March 19, though some antivirus providers still flag the domain. BONK’s price remains weak, trading near $0.0000059. The incident underscores vulnerabilities in third-party infrastructure rather than protocol-level flaws.

BONK.fun has restored its website following last week’s domain hijack. They confirm that the incident stemmed from a third-party provider breach and resulted in approximately $30,000 in user losses.

In an update shared on 20 March, the team said the attack was caused by a social engineering exploit targeting its domain service provider, which led to the domain being transferred to an external registrar.

The provider has since accepted responsibility for the incident.

The team added that there was no compromise of BONK. fun’s internal systems, codebase, or team accounts. They framed the attack as an external infrastructure breach rather than a protocol-level failure.

BONK phishing attack traced to domain takeover

The breach allowed attackers to take control of the BONK.fun website and deploy a phishing interface that prompted users to sign malicious transactions.

Earlier reports linked the attack to a fake terms-of-service signature request, which enabled unauthorized wallet access.

Blockchain analytics platform Bubblemaps had initially estimated losses at around $23,000, but the BONK.fun team has now revised that figure to $30,000.

In response, the team said it will reimburse affected users at 110% of their losses, covering both direct losses and opportunity costs.

Recovery delayed by registrar transfer

BONK.fun said the unauthorized domain transfer significantly slowed its ability to respond, as the domain was temporarily beyond its reach.

The domain was eventually restored on 18 March, with full functionality — including wallet integrations — returning by 19 March.

Wallet providers, including Phantom, MetaMask, and Solflare, were among those that helped flag the compromised domain.

Site relaunches, but warnings remain

Although BONK.fun is now back online, the team noted that some antivirus providers still flag its primary domain.

As a workaround, users experiencing access issues have been directed to an alternative domain, which mirrors the platform’s functionality.

BONK price shows continued weakness

Market reaction to the incident has remained muted, with BONK’s price continuing a broader downtrend.

At the time of writing, the token was trading near $0.0000059, reflecting ongoing weakness since early March highs.

Source: TradingView

The chart shows limited recovery momentum following the exploit, suggesting that sentiment remains cautious despite the platform’s relaunch.

Final Summary

BONK.fun has relaunched after a domain-level breach, confirming $30K in losses and offering full reimbursement to affected users.

The incident highlights how third-party infrastructure, not smart contracts, remains a key vulnerability in crypto platforms.

Perguntas relacionadas

QWhat was the cause of the BONK.fun domain hijack and how much were the user losses?

AThe domain hijack was caused by a social engineering exploit targeting BONK.fun's domain service provider, which led to the domain being transferred to an external registrar. The incident resulted in approximately $30,000 in user losses.

QDid the attack compromise any of BONK.fun's internal systems or codebase?

ANo, the team confirmed there was no compromise of BONK.fun's internal systems, codebase, or team accounts. They framed the attack as an external infrastructure breach.

QHow did the attackers exploit the hijacked domain, and what was the initial loss estimate?

AThe attackers deployed a phishing interface on the hijacked website that prompted users to sign malicious transactions. Blockchain analytics platform Bubblemaps initially estimated losses at around $23,000, which was later revised to $30,000 by the BONK.fun team.

QWhat compensation is BONK.fun providing to affected users and why was the recovery delayed?

ABONK.fun will reimburse affected users at 110% of their losses, covering both direct losses and opportunity costs. The recovery was delayed because the unauthorized domain transfer temporarily put the domain beyond the team's reach, slowing their response.

QWhat is the current status of the BONK.fun website and the BONK token's market performance?

AThe BONK.fun website has been restored with full functionality, though some antivirus providers still flag the primary domain, leading the team to provide an alternative domain for access. The BONK token continues to show weakness, trading near $0.0000059 with limited recovery momentum.

Leituras Relacionadas

$30 Billion DeFi Capital Exodus: LayerZero Stumbles, Chainlink Feasts

Following the major DeFi security incident involving Kelp DAO, a significant migration of funds is underway from the cross-chain protocol LayerZero to Chainlink's CCIP (Cross-Chain Interoperability Protocol). Over $30 billion in Total Value Locked (TVL) from protocols like Kelp DAO, Solv Protocol, Re, and Tydro has moved to Chainlink in the past week, driven by security concerns. LayerZero is facing a severe trust crisis after the attack. Initially denying responsibility, LayerZero Labs has now issued a public apology, acknowledging management oversights. These include a vulnerable "1/1" single-node configuration for its Decentralized Verification Network (DVN) and past misuse of a multi-signature wallet by a team member. The protocol's weekly bridge volume has slumped to near-historic lows of around $470 million. In contrast, Chainlink is experiencing a surge in adoption and activity. Its independent active addresses recently hit multi-month highs, and whales have been accumulating LINK tokens. Beyond DeFi, Chainlink is securing partnerships with traditional finance giants like DTCC, European stock exchange operator SIX Group, and asset manager Amundi. While LayerZero has announced security upgrades—such as migrating to stronger multi-signature configurations and developing a second DVN client—and contributed to a rescue fund, the event underscores that security is becoming a decisive competitive factor as DeFi matures.

marsbitHá 7m

$30 Billion DeFi Capital Exodus: LayerZero Stumbles, Chainlink Feasts

marsbitHá 7m

The $13 Trillion Repo Market Is Quietly Being Rewritten by Blockchain

The $13 trillion repurchase agreement (repo) market, a crucial artery for global short-term funding, is experiencing a significant transformation through blockchain technology. After years of limited impact in finance, blockchain is finding substantial adoption in repo transactions. Major institutions like JPMorgan Chase, HSBC, and Broadridge are deploying tokenized repo platforms, with daily volumes already reaching tens of billions of dollars. Traditional repo markets operate with fixed hours, rely on intermediaries, and involve manual, time-consuming processes. Tokenized repos, by contrast, use blockchain to create digital tokens representing cash and securities collateral. This enables near-instantaneous settlement, 24/7 trading, automated execution, and enhanced auditability. The key drivers for adoption include maturing technology, more receptive regulators, and growing client recognition of tangible benefits like reduced operational friction and capital efficiency. Analyses, such as one from Broadridge, indicate that moving a portion of repo activity onto blockchain can significantly reduce a bank's required liquidity buffers, potentially freeing up billions in capital. The infrastructure is also seen as foundational for a future of round-the-clock trading for traditional assets. Challenges remain, including the existence of fragmented blockchain networks, the need for stress testing under extreme market conditions, and the loss of operational flexibility compared to manual processes. However, the industry consensus is that these are implementation hurdles. Tokenized repo has moved beyond pilot stages to become one of blockchain's most concrete and impactful applications in traditional finance, marking a pivotal shift in how a core market functions.

marsbitHá 8m

The $13 Trillion Repo Market Is Quietly Being Rewritten by Blockchain

marsbitHá 8m

Bitwise: Why Are Top-Tier Capital Giants Aggressively Betting on New Public Blockchains Like Arc, Canton, and Tempo?

Why Top Institutions Are Betting Big on New Blockchains Like Arc, Canton, and Tempo This week saw a surge of major funding announcements for new, purpose-built blockchains. Circle's Arc raised $222M at a $3B valuation from investors like BlackRock. Canton Network developer Digital Asset secured $300M led by a16z at a $2B valuation. Stripe's Tempo, already a leader, raised $500M last year and has partnered with major firms. These three chains share key traits: they are designed for stablecoins and asset tokenization, they emerged after the US passed the *Genius Act* in July 2025, they natively support private transactions crucial for enterprise adoption, and they are backed by traditional finance and tech giants—unlike the crypto-native origins of Ethereum or Solana. This trend highlights three major shifts: 1) Clear regulation (like the pending *Clarity Act*) is unlocking massive institutional capital. 2) Built-in privacy is becoming a core feature for real-world business use, addressing the limitations of fully transparent ledgers. 3) Established corporations are now directly entering the blockchain arena, bringing significant resources and execution capability, which will accelerate innovation and competition across the entire crypto ecosystem.

marsbitHá 19m

Bitwise: Why Are Top-Tier Capital Giants Aggressively Betting on New Public Blockchains Like Arc, Canton, and Tempo?

marsbitHá 19m

From Gas Limit to 'Keyed Nonces', How to Understand the Next Step in Ethereum Scalability?

Ethereum’s scalability efforts are shifting toward a user-centric approach—focusing not only on higher TPS, but on translating technical upgrades into lower costs, smoother operations, and better wallet experiences. Two recent developments highlight this direction: - **Raising the Gas Limit to 200 million**: Following the Fusaka upgrade that increased it to 60 million, a consensus has formed around a potential future increase to 200 million. This would boost Ethereum’s execution capacity, but it is planned alongside other upgrades—such as ePBS, Block-Level Access Lists (BAL), and EIP-8037—to manage state growth and keep node operation viable for average participants. - **Keyed Nonces (EIP-8250)**: This proposal aims to improve how transactions are queued. Instead of a single linear nonce per account, it introduces multiple independent nonce domains. This prevents different types of transactions—such as private payments, session keys, or batch operations—from blocking each other. Vitalik Buterin views this as a foundational step toward better privacy support and more flexible state scalability. Together, these upgrades are part of a broader move to push complexity from wallets, DApps, and relays back into the protocol layer. For everyday users, this means future Ethereum interactions could become less congested, more intuitive, and safer—especially as core improvements in account abstraction, cross-L2 interoperability, and node decentralization continue to progress. Ultimately, Ethereum is evolving to handle not just more transactions, but more varied and complex on-chain use cases while preserving its decentralized foundation.

marsbitHá 30m

From Gas Limit to 'Keyed Nonces', How to Understand the Next Step in Ethereum Scalability?

marsbitHá 30m

Leaving OpenAI, How Much Has Their Net Worth Increased?

Former OpenAI employees have collectively accrued near-trillion dollar valuations through ventures and investments, charting AI's future. The article highlights two main paths: founding high-value companies like Anthropic and Perplexity, or applying insider insights as investors. Leopold Aschenbrenner exemplifies the investor path. After being fired from OpenAI, he leveraged firsthand knowledge of AI's massive energy demands to make hugely successful public market bets on nuclear and fuel cell companies, practicing "cross-industry cognitive arbitrage." Other alumni, like the Zero Shot VC fund founders, use their technical foresight for early-stage investing. Their key advantage lies not just in picking winners, but in knowing which technical approaches are likely dead ends—a "veto list" derived from internal OpenAI experience. Angel investing within the network, as seen with Mira Murati and Sam Altman, operates on deep, pre-existing understanding of a founder's capabilities, reducing due diligence to near zero. This creates an ecosystem bound by a shared belief in AGI's imminent arrival, differing from networks like the "PayPal Mafia" which were built on shared past struggles. The shift of these builders to investors signals a profound conviction: their situational awareness of the AI landscape is now so clear that deploying capital based on that judgment is more efficient than building themselves. They are allocating bets on the future they helped shape from the inside.

marsbitHá 41m

Leaving OpenAI, How Much Has Their Net Worth Increased?

marsbitHá 41m

Trading

Spot
Futuros
活动图片

Categorias popularesright-arrow

Etiquetas Popularesright-arrow