BONK DAO lost $20 million in a governance attack: token crashed by 10%
A major incident in the world of decentralized finance: BONK DAO has officially confirmed that approximately $20 million worth of BONK tokens were withdrawn from its treasury. The attack was carried out through a malicious governance proposal that the attacker managed to pass through the DAO's voting system.
Immediately after the attack was confirmed, the price of the memecoin BONK crashed by more than 10%. The stolen assets have already begun to flow into cryptocurrency exchanges, indicating the attacker's attempts to liquidate positions. The project team promptly reached out to major exchanges, the Solana Foundation, and law enforcement agencies, requesting assistance in tracking and freezing the funds.
Attack Mechanics: How It Happened
According to blockchain analysts, before the attack, the attacker purchased approximately $4 million worth of BONK. This allowed them to accumulate the necessary number of votes to pass the malicious proposal on the Realms platform on the Solana network. After the DAO vote was approved, the attacker gained access to the treasury and withdrew the funds.
A key feature of this attack is that it was not related to a smart contract vulnerability. Instead, a legitimate voting mechanism was used, but with vote manipulation. This raises serious questions about the security of DAO governance, especially regarding protection against single, well-funded attackers.
Market Reaction and Future Prospects
In the wake of the incident, BONK lost 10% of its value, reflecting panic among investors. Some of the stolen tokens are already being moved to exchanges, increasing downward pressure on the price. The project team continues its investigation and is cooperating with exchanges and law enforcement.
This incident once again highlights the need for additional protection mechanisms in DAOs: timelocks, multi-signatures, and delays on treasury execution decisions. Without them, even legitimate governance systems can be used against the community.
Expert Opinion: The attack on BONK DAO is a classic example of a "governance attack," where the attacker uses the DAO's own structure against it. Until projects implement multi-layered treasury protection, such incidents will recur. Investors should more carefully evaluate the governance mechanisms of the protocols they invest in.