Polymarket Suffers $2.9M Theft Through Third-Party Vendor Compromise, Promises Full Refunds


Polymarket, one of the largest prediction markets in crypto, fell victim to a sophisticated attack Thursday that drained approximately $2.94 million from at least 11 user wallets. The breach occurred when attackers injected a malicious script into the platform’s frontend through a compromised third-party vendor dependency, enabling a phishing attack that targeted unsuspecting users.

Blockchain analyst Specter identified the malicious script and traced the stolen funds across multiple wallets. The attack represents a significant security incident for the prediction market platform, which has grown substantially over the past year. Polymarket announced on X that it has contained the compromise and removed the affected dependency from its systems.

The platform committed to fully refunding all affected users. Cointelegraph reached out to Polymarket for additional comment but did not receive a response before publication. The swift containment and refund commitment suggest the platform took immediate action upon discovering the vulnerability.

This incident marks the 89th reported crypto security breach of the second quarter, according to data from DefiLlama, extending what has become the most-hacked quarter on record by incident count. The frequency of such attacks underscores the ongoing security challenges facing the cryptocurrency industry as platforms scale and attract more users and capital.


The broader crypto security landscape remains under pressure, with exploit losses climbing to $74.9 million across 29 reported incidents in June alone, according to DefiLlama data. This figure surpasses May’s $60.5 million total but remains significantly below April’s $644 million, suggesting some volatility in attack patterns and impact. The largest June incidents included the $36 million Humanity Protocol exploit and the $4.7 million Secret Network bridge exploit, among others.

The incident follows the StablR exploit, which drained $2.8M as Euro and USD stablecoins depegged following a private key compromise, and highlights how various attack vectors continue to threaten crypto platforms and users. Private key compromises have emerged as the leading attack vector, accounting for 43% of reported exploit losses over the past 30 days.

Beyond private key compromises, other attack methods pose significant threats to the ecosystem. Fake proof exploits accounted for 10% of reported losses, while reverse MEV honeypots, which present deceptive trading opportunities designed to lure and manipulate automated trading bots, represented 8%. These sophisticated techniques demonstrate the evolving nature of threats facing cryptocurrency platforms and users.

Polymarket’s latest incident is not the platform’s first security challenge this year. Approximately one month prior, the prediction market disclosed a separate $600,000 exploit traced to a six-year-old private key used for internal top-up operations. Josh Stevens, Polymarket’s vice president of engineering, stated at the time that the platform’s contracts and user funds remained secure and that all permissions tied to the compromised key had been revoked.


Despite these security incidents, Polymarket has experienced substantial growth. The platform currently holds over $450 million in total value locked, representing a 301% increase from $112 million a year ago, according to DefiLlama data. This growth trajectory reflects increasing user adoption of prediction markets, even as security concerns persist.

The prediction market sector has attracted significant mainstream attention, particularly during major events. Cointelegraph previously reported that approximately 60% of World Cup bettors on Polymarket were first-time crypto users, indicating how prediction markets serve as entry points for new participants in the cryptocurrency ecosystem.

For users concerned about security, the incident highlights the importance of exercising caution when interacting with blockchain platforms. Phishing attacks remain a persistent threat, and users should verify URLs, enable security features where available, and remain vigilant about suspicious requests for private keys or wallet access.

Polymarket’s commitment to refunding affected users represents a positive response to the incident, though it underscores the ongoing need for enhanced security measures across the cryptocurrency industry. As platforms continue to scale and attract institutional capital, security infrastructure and third-party vendor management will remain critical priorities for maintaining user trust and protecting assets.
