Attacker acquired >99% voting power by buying BONK tokens, submitted BIP #76 to transfer the entire treasury to their wallet, and the proposal executed automatically with a 1% quorum threshold.
On July 6, 2026, an attacker who had spent approximately $4.4M acquiring BONK tokens on Binance and Bybit in late June 2026, accumulating over 99% voting power, executed a governance attack on BonkDAO. The attacker submitted BIP #76 on June 30 to transfer the entire treasury to their wallet. Only 7 of 18,000+ members voted. The proposal executed automatically on July 6 with a 1% quorum threshold. This was not a smart contract exploit but a pure governance capture via token-weighted voting. The BONK price dropped 7-8% following the attack.
Treasury assets transferred to attacker-controlled wallet on Solana. No recovery reported at time of writing.
N/A