Son Dakika
INTLSuper Typhoon Bavi Hits Guam and Northern Marianas with Catastrophic WindsKR오사카 나오미, 윔블던 첫 8강 진출…사발렌카 꺾고 4강행 경쟁 합류ARبوليسيتش يؤكد ثقة أمريكا قبل مواجهة بلجيكا في كأس العالم.. وأوساكا تتأهل لويمبلدونTRRudi Garcia'dan FIFA'nın Balogun Kararına Tepki: "Bu Bir 1 Nisan Şakası"CN巴威颱風預計週五影響台灣 北部、山區留意局部大雨或豪雨ARالبرازيل تخسر أمام النرويج في كأس العالم 2026 ونيمار يبكيESHaaland aniquila a Brasil y lleva a Noruega a la finalAUFarmers Turn to Sunn Hemp to Combat Soaring Fertiliser CostsARهالاند يقود النرويج للفوز على البرازيل وأوساكا تتأهل لويمبلدونKR국립박물관 상품 '뮷즈', 상반기 매출 200억 돌파…역대 최고 실적 전망INTLSuper Typhoon Bavi Hits Guam and Northern Marianas with Catastrophic WindsKR오사카 나오미, 윔블던 첫 8강 진출…사발렌카 꺾고 4강행 경쟁 합류ARبوليسيتش يؤكد ثقة أمريكا قبل مواجهة بلجيكا في كأس العالم.. وأوساكا تتأهل لويمبلدونTRRudi Garcia'dan FIFA'nın Balogun Kararına Tepki: "Bu Bir 1 Nisan Şakası"CN巴威颱風預計週五影響台灣 北部、山區留意局部大雨或豪雨ARالبرازيل تخسر أمام النرويج في كأس العالم 2026 ونيمار يبكيESHaaland aniquila a Brasil y lleva a Noruega a la finalAUFarmers Turn to Sunn Hemp to Combat Soaring Fertiliser CostsARهالاند يقود النرويج للفوز على البرازيل وأوساكا تتأهل لويمبلدونKR국립박물관 상품 '뮷즈', 상반기 매출 200억 돌파…역대 최고 실적 전망
Newsgather
GeriPolymarket Suffers Security Exploit, User Funds Safe
Polymarket Suffers Security Exploit, User Funds Safe
Gelişiyor
Cointelegraph22.05.2026Teknoloji2 dk okuma

Polymarket Suffers Security Exploit, User Funds Safe

Hızlı Bakış

  • Polymarket experienced a security exploit affecting a wallet used for internal top-up operations, potentially compromising a six-year-old private key.
  • While at least $600,000 was drained, the company assures user funds and core infrastructure remain safe.

Yapay zekâ özeti

Neden Önemli?

Polymarket, a major prediction market platform, experienced a security breach where a wallet used for internal operations was compromised. This led to the draining of funds, though the company insists core infrastructure and user assets are secure.

Yazı boyutu

Polymarket confirmed a security exploit affected part of its infrastructure, pointing to a possible private key compromise involving a wallet used for top-up operations, while saying user funds and market resolution were safe.

In a Friday X post, Polymarket developers said contracts and core infrastructure were unaffected. Polymarket product lead Akanshu Jain and multiple other Polymarket employees also said user funds and market resolution are safe.

Blockchain investigator ZachXBT first flagged the exploit as a compromise to the Polymarket-linked UMA Conditional Tokens Framework (CTF) Adapter contract on Polygon, with the exploiter draining at least $520,000.

However, Josh Stevens, Polymarket’s vice president of engineering, said the contracts were safe and that the exploit was limited to a six-year-old private key used for internal top-up operations. All permissions tied to the key have been revoked, he said.

The UMA CTF adapter is an oracle contract used to help resolve Polymarket prediction markets through UMA’s Optimistic Oracle. Polymarket is the world’s second-largest prediction market with $3.7 billion in monthly trading volume, according to DefiLlama.

Polyscan data reviewed by Cointelegraph showed more than 100 small transfers into the alleged attacker wallet. Most were worth up to 5,000 Polygon (POL) tokens.

Address of the Polymarket adapter contract attacker. Source: Polygonscan

Exploit losses climb past $600,000

Multiple blockchain data platforms reported similar onchain activity tied to the suspected exploit.

Blockchain data visualization platform Bubblemaps said in a Friday X post that the attacker continues to remove about 5,000 POL tokens every 30 seconds, amassing about $600,000 in stolen funds at the time of writing.

Source: Bubblemaps

Blockchain data platform Lookonchain estimated that about $660,000 was drained from the Polymarket-linked contract as of 9:01 am UTC on Friday.

Related: Crypto VC funding plunges to $659M in April, hits near two-year low

Polymarket integrated UMA’s optimistic oracle solution on Feb. 3, 2022, enabling automated and decentralized resolution for its prediction market contracts.

Cointelegraph contacted Polymarket and UMA for comment but had not received a response by publication.

Açık Sorular

  • What is the exact timeline of the private key compromise?
  • Were there any internal security lapses that allowed the six-year-old key to be compromised?
  • Will Polymarket take further steps to enhance its security protocols beyond revoking the key?
  • What is the total amount of Polygon (POL) tokens that were drained?

İlgili Konular

Bu haber ilk olarak şurada yayınlandı: Cointelegraph.

İlgili Haberler

Bu konuda daha fazlaPolymarket