An attacker exploited a token-weighted governance mechanism to drain approximately $20 million from the BonkDAO treasury on March 26, 2025, according to on-chain data and statements from the project’s team. The breach targeted a Solana-based smart contract tied to the BonkDAO’s treasury management system, raising fresh concerns about governance security in decentralized finance (DeFi).
How the Attack Unfolded
Blockchain security analysts at Rekt News reported that the attacker used a flash loan to temporarily acquire a large position in BONK tokens, then leveraged that inflated voting weight to push through a malicious governance proposal. The proposal transferred treasury assets — including BONK, USDC, and SOL — to a wallet controlled by the attacker. The entire transaction was executed within a single block, making it difficult for validators or monitoring bots to intervene.
Also read: Paul Atkins Says SEC Is Taking ‘Historic Steps’ to Move Markets On-Chain
On-chain data shows the attacker then bridged a portion of the stolen funds to Ethereum and began mixing them through privacy protocols. As of March 27, roughly $8 million of the stolen assets remain traceable on Solana, while the rest has been moved across chains.
Immediate Response From BonkDAO
BonkDAO’s core contributors announced a temporary halt to all treasury-related smart contracts shortly after the exploit was detected. In a post on X (formerly Twitter), the team stated they are working with blockchain forensics firms Halborn and TRM Labs to trace the funds and identify the attacker. The team also urged centralized exchanges to freeze any deposits linked to the exploiter’s wallet addresses.
Also read: Ripple Partners With Water.org to Expand Clean Water Access Using RLUSD Stablecoin
“We are assessing the full impact and will provide a detailed post-mortem once the investigation is complete,” the team wrote. “Community funds held in user wallets are not affected.”
Broader Implications for Governance Security
The exploit is the latest in a series of attacks targeting token-weighted governance systems in DeFi. In 2024, similar vulnerabilities were exploited in protocols like Mango Markets and Beanstalk, where attackers used flash loans to manipulate voting outcomes. Security experts argue that token-weighted governance is inherently vulnerable to short-term capital concentration, especially when combined with flash loans.
“This is a textbook example of a ‘governance attack’ where the attacker doesn’t need to break the code — they just need to temporarily own enough tokens to control the vote,” said Samczsun, a partner at crypto security firm Approach, in a post on X. “Projects that rely solely on token-weighted voting without time-weighted or quadratic mechanisms remain exposed.”
Market Impact and Community Reaction
The price of BONK dropped approximately 12% in the hours following the news, from $0.000032 to $0.000028, before partially recovering to $0.000030, according to CoinGecko. The broader Solana memecoin sector also saw a slight pullback, with tokens like WIF and MYRO declining 3–5%.
Some community members criticized BonkDAO for not implementing time-locks or multi-sig requirements on large treasury transfers. Others defended the team, noting that the exploit exploited a novel vector that had not been publicly documented before.
Frequently Asked Questions
How did the BonkDAO exploit work?
The attacker used a token-weighted governance exploit, likely via a flash loan, to temporarily inflate their voting power and approve a malicious proposal that transferred treasury assets.
How much was stolen from BonkDAO?
Approximately $20 million worth of tokens and stablecoins were drained from the BonkDAO treasury, including BONK tokens and other Solana-based assets.
Is the BonkDAO team taking any action?
Yes, BonkDAO has paused all treasury operations and is collaborating with blockchain security firms to trace the stolen funds and identify the attacker.
What is a token-weighted exploit?
A token-weighted exploit occurs when an attacker manipulates a governance system that bases voting power on token holdings, often using flash loans to temporarily acquire large amounts of tokens.