Attackers seize Bonk.fun domain and team account, push fake TOS that drains connected wallets; users report major losses
Hackers hijacked the Bonk.fun domain and pushed a fake terms‑of‑service prompt that drained connected wallets, prompting user warnings and browser phishing alerts [2][4].
Bonk.fun's domain and team account were compromised on March 12, enabling attackers to replace site content with a wallet‑draining phishing prompt and a fraudulent terms‑of‑service message; browser security warnings also flagged the site for suspected phishing after the changes [2][4][1].
The platform operator warned users to avoid the website after reports of drained wallets surfaced, and at least one trader publicly claimed a loss of roughly $273,000 after connecting their wallet; the operator (identified as Tom) said only users who approved the fake TOS prompt on the compromised site were affected [3][4][2].
Bonk.fun — originally launched as LetsBONK in April 2025 — has already seen a sharp decline in market position, with market share dropping from about 84% to near 7% by late 2025, a backdrop noted as the security breach highlighted vulnerabilities in decentralized launch platforms [5][1].
Reports and the operator indicated that previously established connections and transactions through external terminals remained unaffected; users were advised to avoid the compromised domain while investigations and remediation continued [4][5].
Anonymous signal used only for weekly cluster rankings. No public counters.
Share
Broadcast this coverage
Copy-ready links for the networks your audience checks first.
Support independent reporting
If this summary helped, a small tip helps keep ClusterWire running.
Privacy note: we log tip UI events (page + action, and article slug when applicable) to improve the feature. We don’t store IP address, user-agent, or wallet addresses in analytics. Tips are on-chain, so the sending address is public in the transaction.
Citations
Follow the primary reporting behind this analysis. Click a citation to open the referenced source in a new tab.
- 1BONK.fun team account hacked and used to launch wallet drainer on siteCrypto Briefing• Mar 12, 2026
- 2Hackers Hijack Bonk.fun Domain, Deploy Wallet-Draining Phishing PromptDecrypt• Mar 12, 2026
- 3Bonk.fun users report drained wallets after hackers hijack platform domaincrypto.news• Mar 12, 2026
- 4Bonk.fun hacked: Domain hijacked, crypto drainer plantedCoinDesk• Mar 12, 2026
- 5Bonk.fun Domain Seized by Hackers Who Deployed Wallet-Draining MalwareBlockonomi• Mar 12, 2026
Themes
Themes driving this story
Curated from the cluster of sources powering this article.