• The website of BONKfun experienced a security breach; hackers executed a social engineering attack against its domain provider.
• The platform has relaunched and will reimburse affected users at 110% of losses while working with partners like MetaMask and Phantom Wallet to restore full access and security.

BONKfun has restored its website after a security breach that caused its site to go offline. A malicious actor on March 11 executed a social engineering attack against the platform’s domain service provider to hijack the platform’s domain. The breach caused the domain to be transferred to an external registrar, which prevented the team from regaining control of the domain. The BONKfun team confirmed that the attack did not affect any of their internal systems, codebases, or team accounts while explaining that the domain transfer problem existed only at the domain provider level.

The team responded quickly after they discovered the security breach. The team took down the website, and they reached out to major wallet providers to report the hacked domain as a threat, which prevented unauthorized access. Security partners, including Phantom Wallet, Solflare, MetaMask, and SEAL Org, united to protect users during the emergency.

BONKfun is back and here’s what happened 👇

On March 11, the BONKfun website was hijacked by a malicious actor via a social engineering targeting our domain service provider. This resulted in the domain being transferred to an external registrar.

The domain service provider has…

— BONK.fun (@bonkfun) March 20, 2026

Recovery, Compensation, and Relaunch

The total financial damage from the attack was assessed by BONKfun at $30000, which represents their complete evaluation of the incident’s financial impact. The platform will compensate affected users by providing 110% of their losses, which includes their lost potential earnings during the service interruption. The recovery process reached its most important point when the team regained control of the domain. The domain transfer to BONKfun occurred at 5:00 pm Eastern Time on March 18. The system regained all its features to work with major wallet providers on March 19, which enabled a safe system restart.

The situation continues to present multiple challenges as the main BONKfun domain remains blocked by multiple antivirus software programs, which prevents some users from accessing the site. The team is currently working to fix the security warnings while they attempt to regain complete trust from all security systems. The alternative website, BONK.fun, provides all the features available on the main website. The system provides continuous access to users while the main website completes its last security checks.

The incident demonstrates that domain-level attacks have become increasingly dangerous as attackers can exploit vulnerabilities without accessing critical systems. The response from BONKfun included quick threat containment activities, active collaboration with security partners, and full reimbursement for all users as part of their dedication to building trust while creating future protection measures.

Read More Related Crypto News:
XRP Whale Activity Surges as Massive Outflows from Binance and Coinbase Keep Price Near $1.50