The website of Solana-based token launch platform Bonk.fun was hijacked by hackers who deployed a malicious wallet drainer designed to steal cryptocurrency from users. The platform warned users not to interact with the website after the breach was discovered. According to reports, after gaining access to the domain, the attackers inserted a fraudulent prompt that tricked users into signing a transaction that could drain funds from connected wallets. The incident shows the growing security risks that decentralised platforms and cryptocurrency users face.
Malicious Prompt Used to Trick Users Into Signing Fraudulent Transactions
The hackers first compromised a team-associated account linked to the Bonk.fun platform. With access to that account, the attackers were able to alter the website and display a fake “Terms of Service” message. Users unaware of the repercussions approved a malicious transaction that allowed the attackers to withdraw funds from their accounts. Later, the Bonk.fun team urged users to avoid visiting the site until the platform’s security is fully restored.
A malicious actor has compromised the BONKfun domain, do not interact with the website until we have secured everything.
— BONK.fun (@bonkfun) March 12, 2026
In a post on X, the project operator Tom confirmed that the platform's security had been breached and said, “Do not use the bonk.fun domain until further notice”. Although the platform said that the impact appeared limited because the breach was caught relatively quickly, many users reported losses after interacting with the compromised site.
One user reported that their wallet had been depleted of approximately 50 Solana SOL, or $86.12 (roughly Rs. 8,000), while another claimed to have lost roughly 10 SOL. More users reported losses of different amounts.
This incident comes at a time when phishing and social engineering attacks continue to target cryptocurrency users. Recently, security researchers warned about the “ClickFix” scam, in which hackers posed as meeting participants during fake Zoom calls to trick crypto executives into installing malicious software. By gaining access to wallets, private keys, or sensitive credentials, these attacks seek to compromise cryptocurrency platforms or steal digital assets.
Such incidents highlight the importance of verifying wallet approvals and avoiding suspicious prompts when interacting with decentralised applications. Users are frequently urged to carefully review the transaction permissions before signing transactions with cryptocurrency wallets. As the decentralised ecosystem grows, it attracts more attacks targeting users and platforms, increasing the need for stronger security practices across the industry.
Cryptocurrency is an unregulated digital currency, not a legal tender and subject to market risks. The information provided in the article is not intended to be and does not constitute financial advice, trading advice or any other advice or recommendation of any sort offered or endorsed by NDTV. NDTV shall not be responsible for any loss arising from any investment based on any perceived recommendation, forecast or any other information contained in the article.