Login
Sign Up
Woofun AI reports that a $20 million treasury drain from the BONK DAO was executed not through a software bug or a failed smart contract, but via an anonymous trader who legally exploited protocol rules. The attacker invested $4.4 million to secure voting control, demonstrating that the protocol functioned exactly as designed while failing to protect community assets from determined, well-funded participants.
The incident originated on June 30 when a governance proposal was submitted to transfer 4.426T tokens, valued at $21.2M, to a specific wallet identified as 9bxW…JHvQ. Approval for this transaction required yes votes representing 1% of BONK’s total supply. The proposal text promised to rebuild the DAO and improve treasury management, masking the critical instruction to transfer funds to the proposer’s controlled address.
Accumulating the necessary voting power occurred quietly between July 4 and July 5. The attacker utilized Binance and Bybit for purchases and engaged in borrowing to finance the campaign. This strategy cost approximately $4.4 million but secured enough influence to decide the outcome. Only seven wallets cast yes votes, while more than 18,000 community members abstained, resulting in a mere 2.9% voter turnout.
Woofun AI data shows the proposal passed by the smallest possible margin above quorum, allowing one participant to effectively approve a transfer that benefited their own wallet. Once voting concluded, the smart contract automatically executed the transaction, moving around $20 million out of the treasury. Blockchain records confirmed that every step adhered to protocol rules, with no bypasses or unauthorized code execution.
Within nine hours of the transfer, approximately $188,000 reached an exchange, likely for immediate liquidation. The remaining $19 million was moved into a multisignature wallet, which requires multiple approvals for future transfers. This separation of funds suggests a structured approach to securing the stolen assets before further movement.
About one hour after the treasury transfer, the attacker began selling the BONK tokens purchased for voting power. Roughly $5.3 million worth entered the market, while the Treasury tokens remained separate from these sales. This sequence allowed the attacker to realize a profit of $16.8M after recouping the initial $4.4M investment and covering transaction costs.
BONK DAO confirmed the incident, identifying exchange wallets linked to token purchases prior to voting. Teams are now collaborating with exchanges, crypto bridges, and the Solana Foundation to limit further damage. Law enforcement has been notified, and investigators continue efforts to recover assets and identify the individuals behind the operation.
The incident has divided crypto observers, with some viewing it as clever exploitation and others describing it as straightforward theft. Protocol rules allowed every action, yet community expectations suffered serious damage. A larger lesson now stands before every DAO: Treasury security depends on governance design, not only smart contracts. Cheap voting power can become an expensive weakness.