BONK.fun Got Hacked by a Domain Snatcher — So They Paid Users 110% to Smile Through It

BONK.fun is back online after a domain hijack that cost users ~$30K. The breach? Not a smart contract flaw—because let’s be honest, even a toddler could audit that code by now. Not a wallet leak—your private key’s probably still tucked safely under your mattress next to your 2017 Bitcoin paper wallet. No, this was a classic “I clicked ‘I agree’ to a TOS written in Klingon” social engineering play on their domain provider, who’s now publicly sweating like a degens at a 2 a.m. meme token ICO. Attackers spun up a phishing page that tricked users into signing malicious transactions—likely via a fake TOS that said “By continuing, you consent to 37% APY and eternal loyalty to the BONK DAO.” No internal systems were touched. Just the domain, snatched like a last slice of pizza at a crypto meetup, moved, and weaponized into a digital scam buffet.

Bubblemaps initially guessed $23K in losses. BONK.fun said, ‘Nah, make it $30K,’ and added a twist: they’re reimbursing users at 110%. Because nothing says ‘we care’ like covering your opportunity cost too—because clearly, you didn’t just lose $30K in gas fees, you lost the chance to buy Solana at $10, which was, of course, the exact moment you looked away to check your Discord. Domain was restored on March 18; wallet integrations back up by the 19th. Phantom, MetaMask, and Solflare helped flag the shady site—like a squad of crypto sheriffs with NFT badges and zero patience for phishing. Still, some antivirus providers haven’t gotten the memo—so users are redirected to a backup domain that does the same thing. It’s like your car alarm goes off, but the thief just parks next door and waves at you.

Market? Unimpressed. BONK’s price still chills near $0.0000059, barely blinking since its March high. The whole episode felt less like a hack and more like a performance art piece titled “How to Turn a DNS Record Into a Meme.” Bottom line: It’s not the code that breaks. It’s the DNS. And honestly? The DNS was never supposed to be trusted anyway. It’s the internet’s version of a WiFi password written on a sticky note taped to a router labeled “FREE INTERNET (I SWEAR I’M NOT A SCAMMER).”