Malicious actors seized BonkFun’s official domain on Wednesday and installed a crypto-draining malware, resulting in the loss of funds. It is still unclear how many victims have suffered from the phishing attack and how much has been lost. The BonkFun hackers planted a crypto-draining script on the BonkFun domain, disguised as a standard interaction mimicking compliance requests, and began draining funds from unsuspecting users. Upon visiting the website, oblivious users are presented with fake compliance requests that, once signed, grant attackers access to their wallets and empty them in seconds. BonkFun’s domain attacked as crypto-related phishing scams gain steam BonkFun cautioned users not to interact with the website or access their accounts using the launchpad’s domain until the team had secured the domain. The platform has not yet confirmed how many users were affected by the hack or the value of the crypto assets the hackers drained from unsuspecting victims. Do not use the https://t.co/4xXs3cMJx0 domain until further notice, hackers have hijacked a team account forcing a drainer on the DOMAIN. URGENT. — Tom (@SolportTom) March 12, 2026 Tom, the launchpad’s operator, advised that users who had previously connected to BonkFun will not be affected. He also added that those who trade bonk fun tokens on terminals will also not be affected. According to Tom, the crypto drainer only affected users who signed a fake terms-of-service message on the launchpad’s domain. The operator mentioned that the team quickly noticed the hack and that the message spread quickly, noting that the losses are minimal. “We understand a lot of people are scared and rightly so but we’re doing everything in our power to fix the situation,” Tom said. “Our main priority will always be the users who have trusted us to use the platform over the last 8 months.” Phishing attacks in the crypto sector have grown significantly in recent years. Security reports indicate that the scams are now more sophisticated, using AI to impersonate victims and engage in pig butchering schemes. Malicious actors now use generative AI to curate fake investment websites, generate fake phishing emails, and create realistic chatbots that take advantage of oblivious victims surfing the internet. In 2025 alone, phishing attacks cost victims more than $17 billion, a 1,400% surge from the previous year. In November, the phishing attacks resulted in over $5.8 million in losses, down from $28 million recorded in October 2025. The occurrence comes at a difficult time, as the crypto market faces significant uncertainties. Solana is down 5.47% over the last seven days, despite a 1.5% surge over the last 24 hours. Bitcoin is down 3.59% over the last week and currently trades at $70,023. Don’t just read crypto news. Understand it. Subscribe to our newsletter. It's free .