The team behind BONK.fun, a meme-coin platform built around the Bonk ecosystem, has warned users not to interact with its website after a malicious actor compromised the project’s domain.
In a post on X on 12 March, the platform said a “malicious actor has compromised the BONKfun domain.” It urged users to avoid the website until the issue is fully resolved.
The team did not immediately provide details about the nature of the breach or the number of users potentially affected.
Attack reportedly used fake signature prompt
Blockchain analytics platform Bubblemaps said the attacker appeared to gain control of the BONK.fun website. They then used it to display a malicious prompt designed to trick users into signing a fraudulent transaction.
According to the firm, victims were presented with what appeared to be a legitimate terms-of-service signature request. However, signing the message allowed attackers to drain funds from connected wallets.
Such attacks typically involve front-end compromises rather than vulnerabilities in smart contracts themselves, exploiting user interactions with decentralized application interfaces.
Investigators link multiple addresses to attacker
Bubblemaps said it identified 13 wallet addresses linked to the attacker, based on on-chain activity connected to the exploit.
The analytics platform estimated that about 35 users were affected, with roughly $23,000 in cryptocurrency stolen so far.
However, Bubblemaps noted that these figures are based on publicly available blockchain data and user reports, adding that some victims have claimed higher losses that have not yet been confirmed through on-chain analysis.
Incident highlights ongoing phishing risks in crypto
Domain compromises and phishing prompts remain a persistent threat in the cryptocurrency ecosystem.
Rather than exploiting vulnerabilities in blockchain protocols, attackers often target website infrastructure or user interfaces. They trick users into signing transactions that grant wallet permissions or transfer assets.
BONK.fun said it is working to secure the compromised domain and urged users to wait for an official announcement before interacting with the platform again.
The incident comes amid continued growth in meme-coin activity on the Solana network, where platforms like BONK.fun allow users to create and trade community tokens.
Final Summary
- The team behind BONK.fun warned users after its website domain was compromised, allowing attackers to deploy a phishing prompt that drained connected wallets.
- Bubblemaps said roughly 35 users were affected and about $23K stolen, though the figures are based on public on-chain data and user reports and may change as the investigation continues.
