Bonk.fun Hacked: Domain Hijacked and Crypto Wallet Drainer Planted on Site

TLDR

• Bonk.fun’s domain was hijacked by hackers who planted a wallet drainer on the site
• Only users who signed a fake terms-of-service message after the breach were affected
• Past connections and third-party terminal trades were not impacted
• The platform was formerly known as LetsBONK and launched in April 2025
• Bonk.fun’s market share had already dropped from 84% to 7% by end of 2025

Bonk.fun, a Solana-based meme coin launchpad backed by Raydium and the BONK token, warned users on March 12 to avoid its website after hackers hijacked a team account and installed a wallet drainer on the domain.

The platform’s operator, known as Tom, announced the breach on X under the handle @SolportTom. He told users not to visit the site until further notice. Bonk’s official X account confirmed the warning.

Tom said that only users who signed a fake terms-of-service message on the compromised website after the breach took place were affected. Past connections to the site and trades made through third-party terminals were not impacted.

The incident is under investigation. The team has not disclosed how much money was lost, but Tom said the breach was caught quickly and that community alerts helped limit the damage.

Bonk.fun was launched in April 2025 by the BONK community alongside Raydium. It lets users deploy tokens on Solana without any coding, using dynamic logarithmic bonding curves. The platform was previously called LetsBONK.

Bonk.fun’s Rise and Fall in Market Share

Shortly after launch, the platform overtook Pump.fun to control 84% of Solana’s launchpad market by mid-2025. That lead did not hold.

By the end of 2025, Bonk.fun’s market share had dropped to just 7%, according to data from Dune. Its monthly revenue fell to around $84,000, while Pump.fun’s topped $720,000 in the same period.

The decline came as reward mechanisms became hard to sustain and successful token launches slowed. Pump.fun responded by launching major buybacks, acquiring Kolscan, and improving its scaling capacity.

Bonk.fun cut creator fees to 0% in early 2026 to bring users back. The move led to a short spike in revenue near the end of January 2026.

Platform Struggled to Hold Momentum Before Hack

That recovery did not last. Pump.fun rolled out new incentives and reclaimed over 70% of the market by February 2026.

The hack follows a broader pattern in crypto. Phishing attacks that trick users into signing malicious prompts on hijacked domains have been rising. In 2025, fraudulent inflows from these scams neared $17 billion.

The Bonk.fun team has urged all users to stop interacting with the website until they confirm the platform is secure.

As of the time of reporting, no dollar figure for losses from the hack has been made public.

The post Bonk.fun Hacked: Domain Hijacked and Crypto Wallet Drainer Planted on Site appeared first on CoinCentral.