Última hora
KR젤렌스키, 나토 정상회의서 가입 재차 호소… "방공망 지원 절실"ARمونديال 2026: الأرجنتين تواجه مصر وسويسرا تواجه كولومبيا في مواجهات حاسمةARفادية عبد الغني تتصدر الترند بعد فيديو مشاجرة.. ومسرحية "الدب" تصل بيروت.. وتخريج أول دفعة من بيت العود بالرياضARالسودان: الجيش يسقط مسيرة صينية.. ومقتل 15 مدنياً بغارات أخرىINFlexible Workspace Operators Lead Delhi-NCR Office Leasing SurgeRUСредний суточный экспорт российской нефти достиг рекордного уровня с начала СВОDEStreit in der Union über SonntagsöffnungenDEWM 2026: Stolpert Argentinien über Außenseiter Ägypten?FRL'Assemblée nationale adopte le projet de loi sur la justice criminelle, sans le "plaider-coupable"RUМОК назвал условия возвращения российских спортсменовKR젤렌스키, 나토 정상회의서 가입 재차 호소… "방공망 지원 절실"ARمونديال 2026: الأرجنتين تواجه مصر وسويسرا تواجه كولومبيا في مواجهات حاسمةARفادية عبد الغني تتصدر الترند بعد فيديو مشاجرة.. ومسرحية "الدب" تصل بيروت.. وتخريج أول دفعة من بيت العود بالرياضARالسودان: الجيش يسقط مسيرة صينية.. ومقتل 15 مدنياً بغارات أخرىINFlexible Workspace Operators Lead Delhi-NCR Office Leasing SurgeRUСредний суточный экспорт российской нефти достиг рекордного уровня с начала СВОDEStreit in der Union über SonntagsöffnungenDEWM 2026: Stolpert Argentinien über Außenseiter Ägypten?FRL'Assemblée nationale adopte le projet de loi sur la justice criminelle, sans le "plaider-coupable"RUМОК назвал условия возвращения российских спортсменов
Newsgather
BackHackers Steal $3 Million from Polymarket Users via Compromised Third-Party Vendor
Hackers Steal $3 Million from Polymarket Users via Compromised Third-Party Vendor
En desarrollo
Decrypt25.06.2026Business2 dk okuma

Hackers Steal $3 Million from Polymarket Users via Compromised Third-Party Vendor

En resumen

  • Hackers stole approximately $3 million from Polymarket users by exploiting a compromised third-party vendor.
  • The prediction market platform has fixed the issue and will fully reimburse affected users, marking its second security incident in two months.

Resumen generado por IA

Por qué importa

Hackers exploited a compromised third-party vendor to steal approximately $3 million from Polymarket users. This is the platform's second security incident in two months.

Tamaño de fuente

In brief

Hackers exploited a compromised third-party vendor to steal about $3 million from a handful of Polymarket users.

Polymarket says the issue is fixed and affected users will be fully reimbursed.

It marks the platform's second security incident in two months.

One of Polymarket’s third-party vendors suffered a hack Thursday, the prediction market said, leaving its website vulnerable to an exploit that analysts said led to millions of dollars lost for users of the platform.

Polymarket declined comment when reached by Decrypt, and did not say publicly which of its vendors was compromised. But the attack allowed hackers to inject malicious code into the prediction market’s front-end, the company said in an X post.

Ultimately, the hackers stole some $3 million worth of customer funds.

On-chain sleuths at Bubblemaps concluded that potential damage from the hack was largely contained, with less than 15 user accounts affected. The blockchain investigations firm did not immediately respond to Decrypt’s request for comment.

Polymarket said it is in the process of refunding impacted customers in full, and that the frontend issue has been contained and removed.

It is as of yet unclear what steps the prediction market platform can take to prevent such an exploit from happening in the future, given that it relies on some external, third-party businesses that are apparently directly involved in the site’s operation.

The attackers appear to have drained funds from Polymarket customer wallets containing pUSD, a Polymarket-specific dollar-pegged stablecoin backed by USDC, that is used to facilitate all trading on the platform. They then converted the stolen funds into ETH, and compiled them into an Ethereum wallet, where, as of writing, they remain.

Last month, Polymarket suffered another hack, of a wallet used by company employees to top up and pay out user rewards. The exploit lost the company roughly $700,000, and was likely caused by a private key compromise. It did not appear to impact the company’s infrastructure or pose broader risks, experts said at the time.

Both that exploit and today’s, however, point to the ability of hackers to infiltrate major companies on the margins, even when core protocols remain secure.

Preguntas abiertas

  • Which specific third-party vendor was compromised?
  • What specific security measures will Polymarket implement to prevent future exploits?
  • How did the hackers inject malicious code into the front-end?

Temas relacionados

This article was originally published by Decrypt.

Noticias relacionadas

Más sobre este temahackers