Crypto Alert: Bonk.fun Domain Hack Exposes Solana Traders to Wallet Drain
The Crypto platform has confirmed that their main domain website has been hacked, exposing its users to a wallet withdrawal exploit.
Unhappy Crypto Hacking
It is a universally accepted fact that, regardless of the global crisis of the country, hackers will continue to destroy the crypto market. This time, the victim was the memecoin issuing platform Bonk.fun. In a March 12 post on social media site X, Tom (@SolportTom), one of its users, warned users not to connect to the site “until they become more aware”, as hackers have installed a crypto wallet drainer on it:
Do not use the domain until further notice, hackers have stolen the group’s account forcing a drain on DOMAIN.
URGENT.
— Tom (@SolportTom) March 12, 2026
The official X account of the Solana token launchpad, which is supported by Raydium and the BONK community, also announced the hack and echoed Tom’s warning:
A malicious actor has compromised the BONKfun site, do not connect to the website until we secure everything.
– BONK.fun (@bonkfun) March 12, 2026
Who is Affected and How
Tom explained that a phishing scam created a fake “Terms of Services” (TOS) document that, when signed, allowed the phisher to transfer funds to an unsuspecting user. According to Tom, the only users who were put at risk were those who contacted the fake TOS. He clarified that previously connected users or sellers of bonk fun tokens on third-party terminals are not affected. He also confirmed that the security breach was detected early so that “losses are minimal so far”:
To answer the concern I see:
1. No if you have connected to bonk fun in the past you are not affected
2. No if you trade bonk fun tokens in terminals etc you are not affected
3. The only people affected were the people who signed the fake TOS message on the bonkfun domain after…
— Tom (@SolportTom) March 12, 2026
This is not a Raydium or BONK smart contract exploit, but a Web2 infrastructure failure story straight out of Web3. These types of domain hacking and phishing drainer scripts work by attackers who take over the front end and launch normal-looking commands that abuse wallet authentication.
A Pattern of Exploited Disability
In recent years, phishing and “fake UI” attacks have stolen billions of dollars: one Chainalysis investigation reported a $14 billion figure in on-chain fraud by 2025, with projections pointing to more than $17 billion as more wallets continue to be identified.
As cryptocurrencies grow and AI-driven impersonation scales, crypto security in 2026 is less about complete code and more about protecting everything around it: from domains to public accounts, employees and user decision-making. In February last year, attackers hijacked Pump.fun X’s account to push a fake PUMP token, as revealed by our sister website NewsBTC. Not too long ago, OG trader Sillytuna was kicked out of the crypto market after a multi-billion dollar theft involving internet address poisoning and offline acts of violence.
The times are testing online and offline traders, both inside and outside the bloc. As the crypto landscape grows more complex, traders would do well to raise their awareness: prefer direct contractual interactions or trusted aggregators, and use tools to regularly monitor and revoke token authorizations.
SOL’s price trends to the upside on the daily chart. Source: SOLUSDT on Tradingview
Cover image from Perplexity, SOLUSDT chart from Tradingview
Planning process because bitcoinist focuses on delivering well-researched, accurate, and unbiased content. We maintain strict sourcing standards, and each page is diligently reviewed by our team of senior technical experts and experienced editors. This process ensures the integrity, relevance, and value of our content to our readers.
