After being hijacked, the BONKfun website was restarted. The team ensured that users received a full refund and launched a backup domain.

PANews reported on March 21 that BONKfun announced on its X platform that its official website was attacked by malicious social engineering on March 11. The attackers hijacked the BONKfun domain through its domain service provider and redirected it to an external registrar. The team confirmed that this incident was not caused by a breach of BONK's or BONKfun's internal systems, codebase, or team accounts. Following the incident, the team immediately took measures: shutting down the website, coordinating with wallet service providers to mark the domain as malicious, and controlling the impact on users. This attack resulted in approximately $30,000 in losses for customers, and the team will compensate affected users at 110% to cover potential opportunity costs.

The BONKfun domain and registration were fully restored around 5 PM Eastern Time on March 18th. Functionality with the main wallet provider was restored on the evening of March 19th, and the website is now securely online. Currently, some antivirus software still flags the main domain as risky; the team is actively addressing this. For users unable to access the official website due to antivirus software issues, the backup domain is also online and functionally identical to the main site.