The BonkDAO incident, which saw an attacker siphon roughly $20 million worth of BONK tokens, has taken a new turn. Chainalysis reports that the wallet responsible for the theft has now parked the bulk of the stolen tokens in a multisig controlled by a newly minted shadow DAO. This move effectively creates a second governance layer that the attacker can manipulate without exposing the loot to the open market.

By keeping the stolen assets within a private multisig, the attacker can avoid immediate price impact while still retaining full control over the tokens. This strategy mirrors tactics seen in other high‑profile DeFi hacks, where the culprits set up separate entities to manage the loot and potentially use it for future governance proposals or token burns. For retail holders, this means that the BONK token’s supply dynamics could shift in ways that are not yet reflected in the market.

The broader crypto environment is currently in a state of fear, with the fear/greed index sitting at 27. Coupled with modest gains in Bitcoin (+2.19 %) and Ethereum (+1.75 %) over the past 24 hours, the market is still cautious about governance vulnerabilities. As the shadow DAO moves forward, any governance changes it proposes could influence BONK’s price and liquidity. Investors should keep an eye on announcements from the shadow DAO and any subsequent actions that might alter the token’s supply or utility.