BONK faces $20 million treasury drain after attacker spends $4 million to pass malicious proposal
The attacker bought enough of the memecoin’s tokens to pass a governance proposal that sent the group’s holdings to a wallet they controlled, then began selling.
Make preferred on
Share this article
Summary
- An attacker used BONK DAO’s onchain governance system to pass a proposal that automatically drained about $20 million in BONK tokens from the project’s treasury.
- By spending roughly $4.4 million to buy just over 1 percent of BONK’s supply, the attacker met the quorum threshold, effectively becoming a single decisive voter in a low-turnout ballot that passed with 99.9 percent “yes” votes.
- The incident underscores how token-based governance can leave treasuries vulnerable when a temporary voting majority can be cheaply bought, reigniting debate over whether such actions are theft or merely exploitation of flawed rules.

