The Crypto platform has confirmed that their main domain website has been hacked, exposing its users to a wallet drain exploit.
A fun crypto hack
It is a fact that is generally recognized that regardless of the size of the global geopolitical crisis, hackers continue to wreak havoc on the cryptographic market. This time, the victim was the memecoin issuing platform Bonk.fun. In a March 12 post on the X social network, Tom (@SolportTom), one of its operators, warned users not to interact with the domain “until further notice” because hackers had injected a cryptographic wallet drain into it:
Do not use the domain https://t.co/4xXs3cMJx0 until further notice, hackers have hijacked the team’s account forcing a drain on DOMAIN.
URGENTLY.
— Tom (@SolportTom) March 12, 2026
The official X account of the Solana token startup, which is backed by Raydium and the BONK community, also announced the hack and echoed Tom’s strange warning:
A suspicious actor has compromised the BONKfun domain, do not interact with the website until we secure everything.
— BONK.fun (@bonkfun) March 12, 2026
Who and how is affected
Tom explained that the phishing scam created a fake “Terms of Service” (TOS) signature prompt that, when signed, allowed the drainer to transfer funds from an unsuspecting user. According to Tom, only users who interacted with the fake TOS were affected. He explained that neither previously connected users nor recreational token traders on third-party terminals were affected. He also assured that the security breach was detected early, so “losses are minimal so far”:
To answer the concerns I see:
1. No, if you have connected to mock bank in the past, you will not be affected
2. No, you won’t be affected if you trade fun tokens on terminals, etc
3. The only people who were affected were the people after…
— Tom (@SolportTom) March 12, 2026
This is not a Raydium or BONK smart contract exploit, but a Web2 infrastructure failure incident that has been directly injected into Web3. These types of domain hijacking and phishing scripts are run by attackers who gain access to the frontend and offer seemingly simple offers that abuse wallet authentication.
Examples of exploited vulnerabilities
In recent years, authentication-phishing attacks and “fake UI” have stolen billions of dollars: a study by Chainalysis reported a fraud revenue of 14 billion dollars in 2025, and forecasts show more than 17 billion dollars, as more wallets are identified.
As the income of fraud increases and the scale of imitation is based on AI, crypto security in 2026 is less about the perfect code and more about protecting everything around it: from domains to social accounts, employees and user decision-making. Last February, attackers hijacked Pump.fun’s X account to push the fake PUMP token, which was covered by our sister site NewsBTC. Not long ago, trader OG Sillituna was kicked out of the crypto market after a multi-million dollar heist that combined the poisoning of online addresses and violent offline acts.
Times will test traders both on and off the block online and offline. As the cryptographic landscape becomes more complex, merchants would do well to increase their caution: prefer direct contractual collaboration or trusted aggregators, and use tools to monitor and regularly devalidate tokens.
SOL’s price trends to the upside on the daily chart. Source: SOLUSDT on Tradingview
Cover image from Perplexity, SOLUSDT chart from Tradingview
Editing process because bitcoinist is committed to delivering thoroughly researched, accurate and unbiased content. We adhere to strict sourcing standards and every page is rigorously reviewed by a team of top technology experts and experienced editors. This process ensures the integrity, relevance and value of our content to our readers.
