BONK Treasury Drained of $20 Million Following Malicious Governance Proposal

The memecoin project BONK has reportedly experienced a significant treasury drain, with an attacker siphoning off $20 million by exploiting its governance system. The perpetrator executed this theft by acquiring $4 million worth of BONK tokens, which provided sufficient voting power to pass a malicious governance proposal.
Exploiting Decentralized Governance
Decentralized Autonomous Organizations (DAOs) like BONK operate on principles of community-driven decision-making, often through token-weighted voting. In this incident, the attacker leveraged this mechanism by strategically purchasing a substantial amount of BONK tokens. With enough voting power, they successfully passed a proposal that directed the project's treasury funds directly to a wallet under their control. Following the transfer, the attacker immediately began selling the stolen assets, indicating a pre-meditated and coordinated exploit.
This type of attack, while rare, highlights a critical vulnerability in some DAO structures where concentrated token ownership can override the collective will and security safeguards. Similar incidents have plagued the DeFi space, with protocols like Summer.fi halting vaults after a $6 million exploit.
Why it Matters
This incident underscores the inherent risks associated with token-weighted governance models, especially for projects with large treasuries. While designed for decentralization, these systems can become a vector for attack if a single entity gains sufficient control. For the broader altcoin market, such exploits can erode investor confidence and prompt closer scrutiny of DAO security architectures. It emphasizes the need for continuous audits, more sophisticated governance mechanisms, and potentially multi-signature approvals for significant treasury movements to mitigate the risk of a single point of failure. The crypto ecosystem continues to face substantial threats from exploits, with Q2 alone seeing $807.5 million lost to such incidents, according to CertiK, indicating that the ecosystem is "no safer" than before, as reported in recent analyses.
Key Takeaways
- BONK project's treasury suffered a $20 million drain.
- An attacker spent $4 million to acquire enough BONK tokens to influence governance.
- A malicious governance proposal was passed, transferring funds to the attacker's wallet.
- The attacker immediately began selling the stolen BONK tokens.
- The incident highlights vulnerabilities in token-weighted DAO governance.
◆ Related

XRP Stalls Near $1.14 as Muted Volume Hinders Breakout Attempt
XRP's attempt to break past the **$1.14** resistance level has stalled due to muted trading volume, leaving traders awaiting confirmation of a sustained move.

Injective CEO: Layer 1 Blockchains Face Decentralization vs. Scalability 'Tug-of-War'
Injective CEO Eric Chen states that Layer 1 blockchains face a "tug-of-war" between decentralization and the growing demand for speed and scalability.

BonkDAO Reports $20 Million Theft Stemming from Malicious Governance Proposal
BonkDAO, the entity behind the memecoin project, has reported a $20 million theft resulting from a malicious governance proposal.