Key Highlights
- BonkDAO lost approximately $20 million in BONK tokens.
- The exploit involved a malicious governance proposal.
- The proposal reportedly passed before concerns were identified.
BonkDAO, the community governance body behind Solana-based memecoin BONK, says it has lost an estimated $20 million worth of BONK tokens after a malicious governance proposal was approved, allowing funds to be drained from the DAO’s treasury.
In an X post on Monday, the Solana-based project said that it is coordinating with exchanges, blockchain partners, and law enforcement as it investigates the attack and attempts to recover the stolen assets.
How the exploit unfolded
According to BonkDAO, the attacker used a malicious governance proposal that ultimately resulted in the unauthorized transfer of approximately $20 million in BONK tokens from the DAO treasury.
The project did not disclose technical details of how the proposal passed or whether the governance mechanism itself was compromised. However, it confirmed that the incident is being treated as an active investigation.
Governance systems allow token holders to vote on proposals that determine how decentralized organizations manage funds and protocol changes. When compromised, they can become a pathway for attackers to gain control over treasury assets.
BONK price slips following the incident

BONK came under selling pressure after news of the governance exploit became public. According to CoinMarketCap, the token was trading at $0.0000543, down 9.37% over the previous 24 hours, while its market capitalization declined to approximately $380 million.
The token initially attempted to recover earlier in the trading session before reversing sharply as reports of the estimated $20 million treasury drain spread. Trading volume also climbed more than 48% during the same period, indicating heightened market activity as investors reacted to the incident. Despite the daily decline, BONK remained 2.62% higher over the past week, suggesting the token had recovered some ground before the governance attack.
Full report on exploit still expected
BonkDAO said investigators have already identified exchange wallets that were used to purchase BONK before the governance proposal was submitted. The project said it is working with cryptocurrency exchanges, cross-chain bridge operators, and the Solana Foundation to track the movement of funds and limit further transfers where possible.
BonkDAO added that law enforcement agencies have been notified and that it is cooperating with relevant parties to identify those responsible and pursue fund recovery.
Governance security faces renewed scrutiny
The incident adds to a growing list of governance-related attacks targeting decentralized autonomous organizations (DAOs), where attackers exploit voting mechanisms rather than vulnerabilities in smart contract code.
While BonkDAO has not announced whether governance procedures will change following the incident, the attack is likely to renew discussion around safeguards for treasury management, voting thresholds, and proposal review processes across decentralized governance systems. The investigation remains ongoing, and BonkDAO said it will continue working with ecosystem partners as efforts to trace and recover the funds continue.
Surge in DeFi exploits
DeFi security remains a critical concern in 2026 as the sector experiences a sharp rise in exploits despite growing maturity. Hackers continue to exploit smart contract vulnerabilities, governance loopholes, flash loan attacks, and oracle manipulations, resulting in hundreds of millions in losses across various chains.
High-profile incidents this year include a $292 Kelp DAO attack, $45M breach of the Aave V3 lending protocol via oracle manipulation in March, an exploit on the Solana-based DEX Jupiter in April, and others.
These events underscore the persistent gap between rapid innovation and robust security practices.
Also Read: AVAX One Changes CEOs as Crypto Treasury Stocks Struggle
