BONK.fun relaunches after domain hijack, confirms $30K in losses

ambcrypto2026-03-20 tarihinde yayınlandı2026-03-20 tarihinde güncellendi

Özet

BONK.fun has restored its website following a domain hijack incident that resulted in approximately $30,000 in user losses. The breach, caused by a social engineering attack targeting its domain service provider, led to an unauthorized domain transfer. The attackers did not compromise BONK.fun’s internal systems or codebase. A phishing interface was deployed, tricking users into signing malicious transactions. The team will reimburse affected users at 110% of their losses. Full functionality was restored by March 19, though some antivirus providers still flag the domain. BONK’s price remains weak, trading near $0.0000059. The incident underscores vulnerabilities in third-party infrastructure rather than protocol-level flaws.

BONK.fun has restored its website following last week’s domain hijack. They confirm that the incident stemmed from a third-party provider breach and resulted in approximately $30,000 in user losses.

In an update shared on 20 March, the team said the attack was caused by a social engineering exploit targeting its domain service provider, which led to the domain being transferred to an external registrar.

The provider has since accepted responsibility for the incident.

The team added that there was no compromise of BONK. fun’s internal systems, codebase, or team accounts. They framed the attack as an external infrastructure breach rather than a protocol-level failure.

BONK phishing attack traced to domain takeover

The breach allowed attackers to take control of the BONK.fun website and deploy a phishing interface that prompted users to sign malicious transactions.

Earlier reports linked the attack to a fake terms-of-service signature request, which enabled unauthorized wallet access.

Blockchain analytics platform Bubblemaps had initially estimated losses at around $23,000, but the BONK.fun team has now revised that figure to $30,000.

In response, the team said it will reimburse affected users at 110% of their losses, covering both direct losses and opportunity costs.

Recovery delayed by registrar transfer

BONK.fun said the unauthorized domain transfer significantly slowed its ability to respond, as the domain was temporarily beyond its reach.

The domain was eventually restored on 18 March, with full functionality — including wallet integrations — returning by 19 March.

Wallet providers, including Phantom, MetaMask, and Solflare, were among those that helped flag the compromised domain.

Site relaunches, but warnings remain

Although BONK.fun is now back online, the team noted that some antivirus providers still flag its primary domain.

As a workaround, users experiencing access issues have been directed to an alternative domain, which mirrors the platform’s functionality.

BONK price shows continued weakness

Market reaction to the incident has remained muted, with BONK’s price continuing a broader downtrend.

At the time of writing, the token was trading near $0.0000059, reflecting ongoing weakness since early March highs.

The chart shows limited recovery momentum following the exploit, suggesting that sentiment remains cautious despite the platform’s relaunch.

Final Summary

BONK.fun has relaunched after a domain-level breach, confirming $30K in losses and offering full reimbursement to affected users.

The incident highlights how third-party infrastructure, not smart contracts, remains a key vulnerability in crypto platforms.

İlgili Sorular

QWhat was the cause of the BONK.fun domain hijack and how much were the user losses?

AThe domain hijack was caused by a social engineering exploit targeting BONK.fun's domain service provider, which led to the domain being transferred to an external registrar. The incident resulted in approximately $30,000 in user losses.

QDid the attack compromise any of BONK.fun's internal systems or codebase?

ANo, the team confirmed there was no compromise of BONK.fun's internal systems, codebase, or team accounts. They framed the attack as an external infrastructure breach.

QHow did the attackers exploit the hijacked domain, and what was the initial loss estimate?

AThe attackers deployed a phishing interface on the hijacked website that prompted users to sign malicious transactions. Blockchain analytics platform Bubblemaps initially estimated losses at around $23,000, which was later revised to $30,000 by the BONK.fun team.

QWhat compensation is BONK.fun providing to affected users and why was the recovery delayed?

ABONK.fun will reimburse affected users at 110% of their losses, covering both direct losses and opportunity costs. The recovery was delayed because the unauthorized domain transfer temporarily put the domain beyond the team's reach, slowing their response.

QWhat is the current status of the BONK.fun website and the BONK token's market performance?

AThe BONK.fun website has been restored with full functionality, though some antivirus providers still flag the primary domain, leading the team to provide an alternative domain for access. The BONK token continues to show weakness, trading near $0.0000059 with limited recovery momentum.

İlgili Okumalar

Earning Millions Daily in a Sluggish Market: Is Pump.fun's Revenue Real?

Despite a perceived market downturn, pump.fun remains a top revenue-generating crypto-native application, ranking fourth in earnings behind only Tether, Circle, and Hyperliquid across various timeframes. Its daily income consistently exceeds one million USD, derived from three primary sources: a 0.95% protocol fee on bonding curve transactions, a token’s "graduation" fees on Pumpswap, and revenue from its acquired multi-chain trading platform, Terminal (formerly Padre). On-chain analysis confirms the bonding curve revenue is authentic, with no evidence of fake transfers or data manipulation. However, questions arise about the organic nature of this activity. While Solana’s daily active addresses range between 1.2-2.2 million, pump.fun sees about 150,000, with roughly 30,000 new tokens deployed daily. Data suggests a significant portion of tokens are launched by a small group of sophisticated deployers, not organic users. Moreover, research indicates that 98.6% of tokens on pump.fun are pump-and-dump schemes, turning the platform into a low-cost, high-efficiency "casino" where deployers profit at the expense of retail investors. Despite pump.fun using nearly all its income to buy back its native token, $PUMP, the price continues to fall due to a lack of buyer confidence and organic demand. The fundamental issue is not revenue authenticity but the platform's role in facilitating a predatory ecosystem, making it unattractive to long-term institutional investment.

marsbit19 dk önce

Earning Millions Daily in a Sluggish Market: Is Pump.fun's Revenue Real?

marsbit19 dk önce

Gold Plunges for a Week, '1983 Great Sell-Off' Repeats, Middle East 'Selling Gold for Funds'?

Gold recorded its worst weekly decline in 43 years, echoing the historic 1983 sell-off. Spot gold fell for eight consecutive days, while silver dropped over 15%, with palladium and platinum also declining. The sell-off was triggered by escalating Middle East conflicts, which raised energy prices and reduced expectations for Fed rate cuts. Markets now price a 50% chance of a Fed hike by October. Higher inflation expectations and rising real interest rates diminished gold's appeal as a non-yielding asset. Additionally, tightening dollar liquidity, reflected in widening cross-currency basis swaps, intensified pressure on gold, often liquidated first during dollar shortages. Technical indicators worsened, with RSI falling below 30, triggering stop-losses and self-reinforcing selling. Gold ETFs saw outflows for three straight weeks, losing over 60 tons. The current situation parallels the 1983 crash when OPEC nations, facing falling oil revenue, sold gold reserves to raise cash, causing a rapid price collapse. Then, as now, Middle Eastern selling pressured gold, with impacts spreading across commodities. Despite a 4% year-to-date gain, stagflation risks are rising. Goldman Sachs estimates energy price increases could reduce global growth by 0.3% and raise inflation by 0.5-0.6%. Gold's future depends on real interest rates and geopolitical developments—continued conflict may sustain pressure, while de-escalation could revive safe-haven demand.

marsbit29 dk önce

Gold Plunges for a Week, '1983 Great Sell-Off' Repeats, Middle East 'Selling Gold for Funds'?

marsbit29 dk önce

Quant enters crucial supply zone: Will QNT’s 24% weekly rally falter?

Quant (QNT) has surged 24.14% in the past week, significantly outperforming Bitcoin, which declined 2.64%. The altcoin is approaching a critical supply zone between $80 and $88, a key resistance area. While QNT has shown strength by rebounding from the long-term demand zone of $55–$60, its weekly chart still reflects a bearish structure, with the RSI below 50 and OBV not trending higher. Key resistance levels to watch are $88, $105, and $135. A daily close above $88 could signal a bullish continuation, while rejection at $80 and a drop below $75 may indicate a bearish reversal. Traders are advised to consider taking profits in the $80–$88 zone or wait for a clear breakout above $88 or breakdown below $75 for directional bias.

ambcrypto35 dk önce

Quant enters crucial supply zone: Will QNT’s 24% weekly rally falter?

ambcrypto35 dk önce

Chainlink Maxi Shares Why LINK Is A Better Institutional Bet Than XRP

In a controversial post, Chainlink ambassador Zach Rynes sparked debate by arguing that LINK is a superior institutional investment compared to XRP. He criticized Ripple for prioritizing equity shareholders over XRP token holders, claiming the company uses XRP sale proceeds to fund corporate acquisitions and stock buybacks that don’t benefit token investors. Rynes dismissed the XRP Ledger as an "obsolete ghost chain" with minimal market share in real-world assets and stablecoins, while highlighting Chainlink’s dominance in DeFi, institutional partnerships, and structurally aligned incentives—noting that even Chainlink employees are rewarded in LINK, not equity. Ripple’s former CTO, David Schwartz, countered that Ripple’s consistent XRP sales created lower entry prices for buyers, a claim Rynes rejected as "elite-tier gaslighting."

bitcoinist35 dk önce

Chainlink Maxi Shares Why LINK Is A Better Institutional Bet Than XRP

bitcoinist35 dk önce

XRP, Ethereum, Others Get SEC Shock: Analyst Says $4.7 Trillion Has Been Unlocked

The U.S. SEC has signaled a major policy shift, indicating that many crypto assets—including XRP, Ethereum, Solana, and 13 others—are not securities but "digital commodities." This reclassification could unlock an estimated $4.7 trillion in capital, combining the $1.8 trillion market cap of these assets with nearly $3 trillion in sidelined institutional funds. The new stance may collapse ongoing lawsuits against exchanges like Coinbase and Kraken, accelerate spot ETF approvals for various cryptocurrencies, and encourage greater institutional participation from firms like BlackRock and Goldman Sachs. However, this remains an interpretive shift, not law, and its long-term durability is uncertain pending legislative action.

bitcoinist1 saat önce

XRP, Ethereum, Others Get SEC Shock: Analyst Says $4.7 Trillion Has Been Unlocked

bitcoinist1 saat önce

İşlemler

Spot

Futures