عاجل
KRK-Defense Industry Poised to Become UAE's Full-Lifecycle Partner Amidst Rising DemandRUРоссийские штурмовики атаковали ВСУ с тыла при освобождении ЛесногоKR검역본부, 2분기 농산물 수출검역 협상 결과 발표…배 이집트 수출길 열려KR도시철도 구축 승인·고시 권한 국토부에서 대광위로 위임KR크리스토퍼 놀런 감독, 신작 '오펜하이머'로 첫 한국 방문KR노원구, 22일부터 주요 산책로·하천변서 '힐링냉장고' 운영CN納坦雅胡稱黎巴嫩基督教村莊要求併入以色列 遭黎巴嫩否認CN民進黨苗栗縣長參選人陳品安:苗栗需與中央對接的縣長引領進步KR정부, 화물차 유가보조금 부정수급 근절 위해 AI 탐지체계 도입KR한미약품, 급성 골수성 백혈병 신약 후보물질 권리 회수 위해 앱토즈 바이오사이언스 인수KRK-Defense Industry Poised to Become UAE's Full-Lifecycle Partner Amidst Rising DemandRUРоссийские штурмовики атаковали ВСУ с тыла при освобождении ЛесногоKR검역본부, 2분기 농산물 수출검역 협상 결과 발표…배 이집트 수출길 열려KR도시철도 구축 승인·고시 권한 국토부에서 대광위로 위임KR크리스토퍼 놀런 감독, 신작 '오펜하이머'로 첫 한국 방문KR노원구, 22일부터 주요 산책로·하천변서 '힐링냉장고' 운영CN納坦雅胡稱黎巴嫩基督教村莊要求併入以色列 遭黎巴嫩否認CN民進黨苗栗縣長參選人陳品安:苗栗需與中央對接的縣長引領進步KR정부, 화물차 유가보조금 부정수급 근절 위해 AI 탐지체계 도입KR한미약품, 급성 골수성 백혈병 신약 후보물질 권리 회수 위해 앱토즈 바이오사이언스 인수
Newsgather
BackPolymarket Suffers Security Exploit, User Funds Safe
Polymarket Suffers Security Exploit, User Funds Safe
يتطور
Cointelegraph22.05.2026تقنية2 dk okuma

Polymarket Suffers Security Exploit, User Funds Safe

نظرة سريعة

  • Polymarket experienced a security exploit affecting a wallet used for internal top-up operations, potentially compromising a six-year-old private key.
  • While at least $600,000 was drained, the company assures user funds and core infrastructure remain safe.

ملخص مُنشأ بالذكاء الاصطناعي

لماذا يهم

Polymarket, a major prediction market platform, experienced a security breach where a wallet used for internal operations was compromised. This led to the draining of funds, though the company insists core infrastructure and user assets are secure.

حجم الخط

Polymarket confirmed a security exploit affected part of its infrastructure, pointing to a possible private key compromise involving a wallet used for top-up operations, while saying user funds and market resolution were safe.

In a Friday X post, Polymarket developers said contracts and core infrastructure were unaffected. Polymarket product lead Akanshu Jain and multiple other Polymarket employees also said user funds and market resolution are safe.

Blockchain investigator ZachXBT first flagged the exploit as a compromise to the Polymarket-linked UMA Conditional Tokens Framework (CTF) Adapter contract on Polygon, with the exploiter draining at least $520,000.

However, Josh Stevens, Polymarket’s vice president of engineering, said the contracts were safe and that the exploit was limited to a six-year-old private key used for internal top-up operations. All permissions tied to the key have been revoked, he said.

The UMA CTF adapter is an oracle contract used to help resolve Polymarket prediction markets through UMA’s Optimistic Oracle. Polymarket is the world’s second-largest prediction market with $3.7 billion in monthly trading volume, according to DefiLlama.

Polyscan data reviewed by Cointelegraph showed more than 100 small transfers into the alleged attacker wallet. Most were worth up to 5,000 Polygon (POL) tokens.

Address of the Polymarket adapter contract attacker. Source: Polygonscan

Exploit losses climb past $600,000

Multiple blockchain data platforms reported similar onchain activity tied to the suspected exploit.

Blockchain data visualization platform Bubblemaps said in a Friday X post that the attacker continues to remove about 5,000 POL tokens every 30 seconds, amassing about $600,000 in stolen funds at the time of writing.

Source: Bubblemaps

Blockchain data platform Lookonchain estimated that about $660,000 was drained from the Polymarket-linked contract as of 9:01 am UTC on Friday.

Related: Crypto VC funding plunges to $659M in April, hits near two-year low

Polymarket integrated UMA’s optimistic oracle solution on Feb. 3, 2022, enabling automated and decentralized resolution for its prediction market contracts.

Cointelegraph contacted Polymarket and UMA for comment but had not received a response by publication.

أسئلة مفتوحة

  • What is the exact timeline of the private key compromise?
  • Were there any internal security lapses that allowed the six-year-old key to be compromised?
  • Will Polymarket take further steps to enhance its security protocols beyond revoking the key?
  • What is the total amount of Polygon (POL) tokens that were drained?

مواضيع ذات صلة

This article was originally published by Cointelegraph.

أخبار ذات صلة

المزيد حول هذا الموضوعPolymarket