BONK Treasury Drained $20 Million by Attacker

The BONK memecoin's treasury has been drained of approximately $20 million following a successful malicious governance proposal. An attacker reportedly spent $4 million to acquire enough BONK tokens to pass the proposal, which then transferred the treasury's holdings to a wallet controlled by the attacker. Following the transfer, the attacker began selling the stolen tokens.
The incident highlights a critical vulnerability in decentralized governance mechanisms, where significant financial resources can be compromised through manipulation of voting power. The attacker's strategy involved accumulating a substantial amount of BONK tokens, thereby gaining sufficient voting weight to override legitimate governance decisions and execute their malicious intent. This event underscores the ongoing challenges in securing decentralized autonomous organizations (DAOs) against sophisticated attacks.
Details of the attack indicate that the attacker's initial investment of $4 million was strategically used to gain control over the governance process. Once the proposal was passed, the treasury funds were immediately moved, and the subsequent selling of BONK tokens likely aimed to liquidate the stolen assets and potentially manipulate the market price. The full extent of the financial impact and the specific methods used to bypass security measures are still under investigation by the BONK community and relevant security analysts.
This treasury drain represents a significant loss for the BONK ecosystem and its token holders. It raises questions about the robustness of the platform's security protocols and the effectiveness of its governance framework in preventing such exploits. The community is expected to review and implement enhanced security measures to prevent future occurrences and restore confidence in the project's stability and integrity.
Original source — read the full reporting at the publisher:
Read on CoinDesk