Polymarket Third-Party Vendor Compromise Drains $2.9M from Users

A third-party vendor compromise injected malicious code into Polymarket

Polymarket Third-Party Vendor Compromise Drains $2.9M from Users

DOGE

$0.07447

3.54%

XLM

$0.1775

4.66%

XMR

$307.77

2.35%

TRX

$0.3224

1.97%

HYPE

$64.43

1.33%

LINK

$7.25

3.49%

SOL

$69.91

1.29%

BNB

$568.81

0.05%

ADA

$0.1449

3.07%

ZEC

$409.55

1.72%

ETH

$1,568

5.30%

BTC

$60,212

2.44%

XRP

$1.03

4.27%

Written by

Zoltan Vardai

staff writer

Reviewed by

Yohan Yun

staff writer

Written by

Zoltan Vardai

staff writer

Reviewed by

Yohan Yun

staff writer

Polymarket hit by $2.9M theft, users to be refunded

Latest News

Published

Jun 26, 2026

Polymarket said it contained the compromise and removed the affected dependency after attackers injected a malicious script into its frontend.

A third-party vendor compromise discovered Thursday allowed attackers to inject a malicious script into Polymarket's frontend, affecting multiple users.

Blockchain analyst Specter

said

the malicious script appeared to facilitate a phishing attack that drained an estimated $2.94 million from at least 11 Polymarket user wallets.

Polymarket

said

on X that the compromise has been contained and that the affected dependency has been removed. It added that users would be fully refunded.

Cointelegraph has approached Polymarket for comment but did not receive a response before publication.

The attack was the 89th reported crypto security breach of the second quarter, according to

DefiLlama

data, extending

the most-hacked quarter on record

by incident count.

Source:

Specter

Crypto exploit losses reach $74.9M across 29 June incidents

Crypto exploit losses climbed to $74.9 million across 29 reported incidents in June, surpassing May’s $60.5 million total but remaining far below April’s $644 million, according to DefiLlama data.

Total value hacked by monthly sum, 1-year chart. Source: DefiLlama.

The largest June incidents included the

$36 million Humanity Protocol exploit

, the

$4.7 million Secret Network bridge exploit

,

two separate Aztec exploits

worth $2.1 million each and

a $1.7 million bridge exploit

on Taiko.

Related:

About 60% of World Cup bettors on Polymarket are first-time crypto users

Over the past 30 days, private key compromises accounted for 43% of reported exploit losses, making them the leading attack vector, according to DefiLlama. Fake proof exploits accounted for 10%, followed by reverse MEV honeypots at 8%, which present deceptive trading opportunities to lure and manipulate automated trading bots.

About a month before Polymarket's latest attack, the prediction market disclosed a separate $600,000 exploit that was traced to

a six-year-old private key

used for internal top-up operations. Josh Stevens, Polymarket's vice president of engineering,

said

the platform's contracts and user funds remained safe and that all permissions tied to the key had since been revoked.

Total value hacked by technique over the past 30 days. Source: DefiLlama

Polymarket currently holds over $450 million in total value locked, up 301% from $112 million a year ago,

according

to DefiLlama.

Magazine:

Should users be allowed to bet on war and death in prediction markets?

Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s

Editorial Policy

and aims to provide accurate and timely information. Readers are encouraged to verify information independently.

Polymarket

Hacks

Hackers

Phishing

Prediction Markets

DeFi

Cybersecurity

Industry

More on the subject

Here’s what happened in crypto today

2 hours ago

Cointelegraph

BitGo cuts 15% of staff to sharpen focus on AI, stablecoins

8 hours ago

Jesse Coghlan

Bitcoin options traders hedge downside as uncertainty lingers, Anchorage says

12 hours ago

Nate Kostar

Here’s what happened in crypto today

2 hours ago

Cointelegraph

BitGo cuts 15% of staff to sharpen focus on AI, stablecoins

8 hours ago

Jesse Coghlan

Bitcoin options traders hedge downside as uncertainty lingers, Anchorage says

12 hours ago

Nate Kostar