Back to Trending

Polymarket hit by $2.9M theft, users to be refunded

Cointelegraph 2026-06-26 08:20:37
Context: Polymarket, a prediction market platform, was hit by a $2.9 million theft after a third-party vendor compromise allowed attackers to inject a malicious script into its frontend. The incident, which occurred on Thursday, affected multiple users and was quickly contained by Polymarket. The platform has promised to fully refund its users who lost funds.

Key Facts

  • A third-party vendor compromise allowed attackers to inject a malicious script into Polymarket's frontend, affecting multiple users and resulting in an estimated $2.94 million loss from at least 11 user wallets.
  • Blockchain analyst Specter said the malicious script appeared to facilitate a phishing attack that drained funds from user wallets.
  • Polymarket said it contained the compromise and removed the affected dependency, and has promised to fully refund users who lost funds.
  • The attack was the 89th reported crypto security breach of the second quarter, according to DefiLlama data, extending the most-hacked quarter on record by incident count.
  • Over the past 30 days, private key compromises accounted for 43% of reported exploit losses, making them the leading attack vector, according to DefiLlama.
Read full article & support publisher (opens in a new tab)
Link

Summarised in seconds by Grasp AI

Cut out the noise. Build your own custom factual news feed for free, or summarise any article instantly.

Create your free dashboard