Hackers Hijack Bonk.fun Domain, Deploy Wallet-Draining Phishing Prompt

Source: Decrypt

Hackers hijacked the domain of the Solana-based token launch platform Bonk.fun Mar. 11, prompting the team to warn users not to interact with the site after attackers deployed a wallet-draining phishing message. An operator associated with Bonk.fun said in a post on X that a team account had been compromised, allowing attackers to push a malicious prompt through the bonk.fun domain. The prompt reportedly asked users to sign a fake terms-of-service message designed to authorize transactions that could drain connected crypto wallets. Bonk.fun has not disclosed how many users may have signed the malicious transaction or the estimated value of funds lost. The platform has operated for roughly eight months and is part of the broader Bonk ecosystem built on the Solana blockchain. Full Story