BONK faces $20 million treasury drain after attacker spends $4 million to pass malicious proposal
AI-summarised from reporting by CoinDesk. How we use AI.

What happened
The Solana-based memecoin Bonk (BONK) recently experienced a significant treasury drain orchestrated through a malicious governance proposal. An attacker strategically acquired a substantial amount of BONK tokens, sufficient to vote favourably on a proposal they initiated. This proposal, masquerading as legitimate, was designed to transfer a significant portion of the Bonk DAO's treasury holdings directly into a wallet controlled by the attacker.
Once the proposal passed and was executed, the attacker gained control over 500 billion BONK tokens, valued at approximately US$20 million at the time of the exploit. Following this audacious move, the attacker promptly began offloading these purloined tokens onto the open market. This sudden influx of tokens from the attacker's sales naturally exerted downward pressure on BONK's price, impacting holders globally.
The incident highlights a critical vulnerability in decentralised autonomous organisations (DAOs) where governance mechanisms, designed for community decision-making, can be exploited. Even with multi-signature wallets often employed for treasury security, a large enough stake can override these measures if the attacker can control enough votes. The decentralised nature of these organisations, while offering advantages, also presents unique challenges in preventing and rectifying such large-scale thefts once a malicious proposal gains traction and approval.
Why it matters for Australian investors
For Australian investors holding or considering BONK, this incident serves as a crucial reminder of the inherent risks associated with memecoins and, more broadly, DAO governance models. While BONK may be available on Australian crypto exchanges like CoinSpot, Independent Reserve, Swyftx, and BTC Markets, and its price is often tracked in AUD, the underlying vulnerabilities are global. The immediate consequence for Australian holders was a likely depreciation in their asset's value as the attacker sold off their ill-gotten gains.
Beyond direct price impact, this event underscores the importance of thorough due diligence before participating in or investing in projects governed by DAOs. The promise of decentralisation often comes with heightened risks concerning security and accountability. Australian investors should carefully assess the governance structures of any decentralised project, understanding how proposals are submitted, voted upon, and executed, and the potential for a single actor or small group to influence outcomes negatively.
Furthermore, the incident acts as a case study for the broader Australian crypto landscape. While regulation in Australia through bodies like AUSTRAC and ASIC primarily focuses on exchanges and service providers, the responsibility for evaluating the security and decentralisation claims of specific tokens often rests with the individual investor. The ATO's tax treatment of cryptocurrency as property means that any losses incurred due to such exploits would need to be accurately recorded for tax purposes.
Impact on the AUD market
While the Bonk treasury drain is a specific event related to one memecoin, its ripple effects can be felt within the broader Australian crypto market, particularly amongst altcoin traders. The incident can contribute to a general sentiment of caution, potentially leading to increased scrutiny of lesser-known projects and those with nascent or untested governance frameworks. Australian investors might become more risk-averse, opting for more established cryptocurrencies or projects with robust, proven security and decentralisation models.
On Australian exchanges, the sell-off triggered by the attacker would have directly impacted BONK/AUD trading pairs. Investors who had purchased BONK with AUD would have seen their holdings diminish in value, potentially leading to capital losses. While not a systemic crisis for the entire Australian market, such events erode investor confidence, especially for those new to the cryptocurrency space, who might be more susceptible to the volatility inherent in memecoins.
Moreover, the incident adds to the ongoing dialogue about consumer protection in the decentralised finance (DeFi) space. While Australian regulators are actively exploring frameworks for digital assets, incidents like the Bonk exploit demonstrate the challenges of overseeing truly decentralised entities. This could potentially influence future regulatory discussions in Australia regarding disclosure requirements for DAO-governed projects or warnings about the risks of participation in such decentralised governance structures.
What to watch next
Moving forward, the cryptocurrency community will be watching for several key developments related to the Bonk exploit. Firstly, attention will be on how the Bonk DAO addresses the substantial loss from its treasury. Will there be attempts to recover the funds, or will the community propose measures to replenish the treasury through other means? The response of the DAO will be crucial in restoring investor confidence and demonstrating resilience in the face of such a significant attack.
Secondly, the broader implications for DAO governance models will be a focal point. Expect increased discussion and potentially new proposals within the decentralised ecosystem aimed at enhancing the security and decentralisation of governance frameworks. This might include stricter voting thresholds, improved multi-sig implementations that are harder to bypass with a simple token majority, or refined appeal processes for controversial proposals. Australian investors participating in other DAOs should pay close attention to these evolving best practices.
Finally, the incident could prompt further reflection from regulatory bodies globally, including those in Australia like ASIC and AUSTRAC. While a direct Australian regulatory response to this specific event is unlikely, it adds to a growing list of exploits that highlight the need for clearer consumer protections and risk disclosures in the decentralised space. Investors should continue to monitor regulatory developments, as an evolving landscape could bring new guidelines for interacting with decentralised protocols and digital assets on Australian exchanges, potentially impacting investment strategies.
Coins covered
Common questions
How does ATO tax treatment apply if I lose cryptocurrency due to a DAO exploit?
The Australian Taxation Office (ATO) generally treats cryptocurrency as property for capital gains tax (CGT) purposes. If you hold cryptocurrency and it loses value or is stolen through an exploit like a DAO treasury drain, this may constitute a capital loss. You would need to accurately record the details of the loss, including the date, amount, and circumstances, to potentially offset it against future capital gains. It's best to consult a tax professional for specific advice tailored to your situation.
Are Australian exchanges responsible for losses from an external cryptocurrency exploit?
Australian cryptocurrency exchanges like CoinSpot, Independent Reserve, Swyftx, and BTC Markets generally provide platforms for buying, selling, and sometimes storing cryptocurrency. They are typically not responsible for losses incurred due to external exploits or vulnerabilities within specific cryptocurrency projects themselves, such as a malicious DAO governance proposal. Their responsibility primarily lies with the security of their own platform and client assets held within their custody. Investors assume the risks associated with the underlying projects when they purchase tokens.
What steps can Australian crypto investors take to protect themselves from DAO governance exploits?
Australian investors can mitigate risks by conducting thorough research into a DAO's governance structure, understanding its voting mechanisms, and assessing the distribution of governance tokens. Diversifying your crypto portfolio, avoiding overexposure to high-risk assets like many memecoins, and actively monitoring the projects you invest in are also crucial. Always be wary of proposals that seem too good to be true or appear to consolidate power, and consider consulting independent analyses before participating in governance votes.
An analysis for Australian investors on the Bonk DAO treasury exploit, examining its impact on AUD markets, DAO governance risks, and what to watch next.
About this article: this is an AI-generated summary of reporting by CoinDesk. It has not been reviewed by a human editor. We use AI to localise crypto news for Australian readers, and we link back to the original source so you can verify the facts.
Informational only — not financial advice. Always do your own research. Read our AI & editorial policy →


