Someone Spent $4.4M Buying BONK Votes on Bybit and Binance and Walked Out With $20M Legally

BONK DAO governance attack

Most crypto thefts start with a bug, a leaked private key, or a phishing scam. This one started with a shopping spree. The BONK DAO governance attack unfolded after one wallet quietly accumulated enough voting power to push through a proposal that emptied the project’s treasury. The code worked exactly as intended, which is precisely why the incident has sparked fresh concerns about governance across decentralized finance.

Also Read: The Man Who Built BlackRock’s Bitcoin ETF Now Runs the $10T Fund That Refused to List It

Why the BONK DAO Attack Was Not a Hack and Why That Makes It Far More Dangerous

DAO treasury exploit
Source: Kaspersky

According to reports, the attacker accumulated just over 1% of BONK’s total supply between July 4 and July 5, spending roughly $4.4 million on Bybit and Binance. This stake was enough to meet the quorum needed for Bonk Improvement Proposal 76. This proposes transferring the DAO treasury to an attacker-controlled wallet.

When voting closed, only seven wallets had participated despite the DAO having more than 18,000 members. The proposal scraped past the required threshold with 882.38 billion BONK voting in favor, barely above the 879.95 billion quorum requirement.

Once approved, the transfer is executed automatically on-chain, moving roughly $20 million worth of BONK from the treasury.

Also Read: Oil Sanctions Back, Bitcoin Down, Gold Up as the Iran War Oil Price Shock Returns

Low Voter Turnout Made the Attack Possible

Security researchers were quick to point out that this was not a smart contract exploit. SlowMist co-founder Yu Xian said the attacker simply purchased enough tokens to influence governance. This allowed the protocol to carry out a transaction it had already authorized.

The BONK DAO governance attack has drawn comparisons to the Beanstalk exploit in 2022. During this, attackers used flash loans to seize voting power and drain about $182 million. This time, no flash loan or coding expertise was needed. Capital alone was enough.

BONK price drop
Source: CoinMarketCap

BONK’s price drop reflected those concerns. The token lost roughly 8% following the vote. Meanwhile, Upbit temporarily suspended BONK deposits and withdrawals as a precaution. BonkDAO said it has notified law enforcement. It is working alongside the Solana Foundation, exchanges, and blockchain security firms to trace the stolen funds.

Beyond the immediate DAO treasury exploit, the incident has brought to light debate over governance safeguards across the industry. As more protocols place billions under token-holder control, the Solana governance attack serves as a reminder that weak participation can become just as dangerous as vulnerable code. For many investors, this may end up being the most significant piece of BONK token news this year.

Also Read: China Considers Curbs on Overseas AI Access as DeepSeek Builds Its Own Chip

Sahana Kiran

Written by Sahana Kiran

Sahana Kiran has been covering financial markets since 2019, with a focus on cryptocurrencies, fintech, and the geopolitical events shaping them. She previously reported for AmbCrypto and Watcher Guru, and now writes for BlockNow.

Read Next