- BONK DAO governance attack sees $20 million drained from the treasury through a malicious proposal
- Only 7 wallets voted out of 18,000 members, the attacker controlled 99.9% of votes cast, and the proposal passed by the narrowest margin: 882.38B BONK vs an 879.95B threshold
- No code was exploited, and no rule was broken, making this a governance attack, not a hack, with BONK down 8-9% and Upbit suspending deposits as law enforcement investigates
Most crypto thefts start with a bug, a leaked private key, or a phishing scam. This one started with a shopping spree. The BONK DAO governance attack unfolded after one wallet quietly accumulated enough voting power to push through a proposal that emptied the project’s treasury. The code worked exactly as intended, which is precisely why the incident has sparked fresh concerns about governance across decentralized finance.
Also Read: The Man Who Built BlackRock’s Bitcoin ETF Now Runs the $10T Fund That Refused to List It
Why the BONK DAO Attack Was Not a Hack and Why That Makes It Far More Dangerous

According to reports, the attacker accumulated just over 1% of BONK’s total supply between July 4 and July 5, spending roughly $4.4 million on Bybit and Binance. This stake was enough to meet the quorum needed for Bonk Improvement Proposal 76. This proposes transferring the DAO treasury to an attacker-controlled wallet.
When voting closed, only seven wallets had participated despite the DAO having more than 18,000 members. The proposal scraped past the required threshold with 882.38 billion BONK voting in favor, barely above the 879.95 billion quorum requirement.
Once approved, the transfer is executed automatically on-chain, moving roughly $20 million worth of BONK from the treasury.
Also Read: Oil Sanctions Back, Bitcoin Down, Gold Up as the Iran War Oil Price Shock Returns
Low Voter Turnout Made the Attack Possible
Security researchers were quick to point out that this was not a smart contract exploit. SlowMist co-founder Yu Xian said the attacker simply purchased enough tokens to influence governance. This allowed the protocol to carry out a transaction it had already authorized.
The BONK DAO governance attack has drawn comparisons to the Beanstalk exploit in 2022. During this, attackers used flash loans to seize voting power and drain about $182 million. This time, no flash loan or coding expertise was needed. Capital alone was enough.

BONK’s price drop reflected those concerns. The token lost roughly 8% following the vote. Meanwhile, Upbit temporarily suspended BONK deposits and withdrawals as a precaution. BonkDAO said it has notified law enforcement. It is working alongside the Solana Foundation, exchanges, and blockchain security firms to trace the stolen funds.
Beyond the immediate DAO treasury exploit, the incident has brought to light debate over governance safeguards across the industry. As more protocols place billions under token-holder control, the Solana governance attack serves as a reminder that weak participation can become just as dangerous as vulnerable code. For many investors, this may end up being the most significant piece of BONK token news this year.
Also Read: China Considers Curbs on Overseas AI Access as DeepSeek Builds Its Own Chip