BONK.fun Team Account Breach Deploys Wallet Drainer on Solana Launchpad

Attackers compromised the $BONK.fun domain and deployed a wallet drainer, forcing the Solana meme coin launchpad to warn users to stop interacting with the site.

The breach comes as $BONK.fun already battles a steep market share decline, having dropped from 84% of Solana’s launchpad market in mid-2025 to roughly 7% by year-end, per Dune data.

Why it matters:

• Users who interacted with $BONK.fun after the breach face direct risk of wallet drainage and total loss of on-chain funds.
• The hack deepens trust erosion at a launchpad already losing users to rival Pump.fun.
• Security incidents at token launchpads expose the broader risk of deploying capital on platforms without multi-factor domain protections.

The details:

• $BONK.fun confirmed on X (Twitter) that “A malicious actor has compromised the BONKfun domain, do not interact with the website until we have secured everything.”
• A team account was taken over and used to run the wallet drainer directly on the platform, per the project’s statement.
• $BONK ($BONK) traded down 0.9% in the 24 hours following the breach, at $0.055879 at time of reporting.
• The incident is under active investigation; no timeline for restoration has been confirmed.

The big picture:

• Pump.fun recaptured over 70% of Solana’s launchpad market by February 2026 after buybacks, scaling upgrades, and its Kolscan acquisition.
• $BONK.fun’s revenue fell to $84,000 by end-2025 versus Pump.fun’s $720,000, per Dune analytics.
• A fee cut to 0% in early 2026 produced only a brief revenue spike before Pump.fun countered with new user incentives.

The post $BONK.fun Team Account Breach Deploys Wallet Drainer on Solana Launchpad appeared first on BeInCrypto.