TLDR:
- BONKfun’s domain was hijacked via social engineering on March 11, targeting its domain registrar directly.
- The attack deployed a wallet drainer, causing approximately $30,000 in total user losses over one week.
- The domain was fully recovered on March 18, with the platform securely relaunching on March 19.
- BONKfun will reimburse all affected users at 110% of their losses to cover opportunity costs incurred.
BONKfun, the Solana-based memecoin launchpad, is back online following a domain hijacking incident on March 11. Attackers used social engineering to target the platform’s domain registrar, gaining unauthorized access and deploying a wallet drainer.
The breach remained external to BONKfun’s internal systems throughout. Over roughly one week, users suffered approximately $30,000 in losses.
The team has since recovered the domain and relaunched the site, pledging to reimburse all affected users at 110% of their losses.
How the Social Engineering Attack Unfolded
The breach began when a malicious actor manipulated BONKfun’s domain service provider through social engineering.
This allowed the attacker to transfer the domain to an external registrar without authorization. The move effectively cut the team off from quick recovery options. It also enabled the deployment of a wallet drainer on the hijacked site.
Once the team identified the breach, they moved quickly to disable the site entirely. They coordinated with major wallet providers, including Phantom, Solflare, and MetaMask, to flag the domain as malicious.
Security organization @_SEAL_Org also assisted in spreading awareness rapidly. These combined efforts helped contain further damage to users.
BONKfun confirmed the incident did not compromise its internal systems, codebase, or team accounts. The domain service provider accepted responsibility for the unauthorized transfer.
This acknowledgment helped clarify where the vulnerability originated. It also reassured users that the platform’s core infrastructure remained intact.
The team released a detailed post on X, stating that the domain transfer “greatly inhibited” their ability to relaunch quickly and securely.
BONKfun is back and here’s what happened
On March 11, the BONKfun website was hijacked by a malicious actor via a social engineering targeting our domain service provider. This resulted in the domain being transferred to an external registrar.
The domain service provider has…
— BONK.fun (@bonkfun) March 20, 2026
The statement outlined each step taken to address the breach. It also confirmed that security partners played a key role in early containment. Transparency remained central to the team’s communication throughout the incident.
Recovery Process and User Reimbursement Plan
The domain and its registration were fully transferred back around 5:00 PM Eastern Time on March 18. Full wallet provider functionality was then restored late on March 19.
This allowed BONKfun to safely relaunch the site with security measures in place. The recovery took approximately one week from the date of the initial attack.
Following the relaunch, several antivirus software providers continued to flag the main BONKfun domain. As a result, the team activated an alternative URL, letsBONK.fun, for affected users.
Both sites carry the same full functionality as the primary platform. The team is actively working to remove the remaining antivirus flags.
To address user losses, BONKfun announced a reimbursement plan at 110% of confirmed losses. The additional 10% accounts for opportunity costs incurred during the downtime period.
Total estimated losses across all affected users stand at approximately $30,000. This approach reflects the team’s commitment to accountability after the attack.
The incident serves as a reminder that social engineering remains a persistent threat in the crypto space. Domain registrar-level attacks can bypass even the most secure internal systems.
Platforms in decentralized finance must maintain strong communication with their infrastructure providers. BONKfun’s response offers a clear example of structured and transparent crisis management.
The post BONKfun Recovers from Domain Hijacking Attack, Promises 110% Reimbursement to Affected Users appeared first on Blockonomi.
This articles is written by : Nermeen Nabil Khear Abdelmalak
All rights reserved to : USAGOLDMIES . www.usagoldmines.com
You can Enjoy surfing our website categories and read more content in many fields you may like .
Why USAGoldMines ?
USAGoldMines is a comprehensive website offering the latest in financial, crypto, and technical news. With specialized sections for each category, it provides readers with up-to-date market insights, investment trends, and technological advancements, making it a valuable resource for investors and enthusiasts in the fast-paced financial world.