Prediction market giant Polymarket confirmed that hackers stole funds from an unspecified number of users after a third-party breach. In an X post on Thursday, Polymarket stated that a compromise at a third-party vendor allowed hackers to inject malicious code into its website for some users. The company said it has contained the incident and is now contacting affected victims and refunding them in full.
Breach at External Vendor Leads to Malicious Code Injection
As of Thursday afternoon, the exact details of the attack remain unclear. Polymarket spokesperson Connor Brandi confirmed to TechCrunch that the breach led to users' funds being stolen but declined to provide further information. Around the same time, blockchain monitoring firm PeckShield reported on X that a phishing campaign was targeting Polymarket users. According to PeckShield, hackers stole approximately $3 million worth of cryptocurrency. A blockchain analyst also reported similar losses, claiming funds were stolen from more than 11 victims. Polymarket allows users to be paid in cryptocurrency, making it a prime target for cybercriminals.
Sponsored Protocol
PeckShield Detects Phishing Campaign, Losses Reach $3 Million
In the last couple of days, two individuals on social media claimed to have had their Polymarket funds stolen. The hack is the latest blow for a company that has been in the headlines for the wrong reasons this week. On Sunday, an investigation revealed that Polymarket had paid online creators to post deceptive videos showing they won lucrative bets that were actually fake. In response, the company said it would audit its promotional content.
Sponsored Protocol
Recent Controversies and New Security Measures
The cyberattack raises serious questions about the platform's security posture. Security experts advise users to remain vigilant against suspicious communications and never enter credentials on unverified sites. For those managing online services, implementing robust security practices like those described in the guide Vulnerability Scanning with Nmap, Nessus and OpenVAS can help identify flaws before attackers exploit them.
Polymarket is now working closely with authorities to identify the perpetrators. Users experiencing any account anomalies are urged to contact support immediately. For further reading on authentication security, the article on Secure JWT explains how to protect web application authentication.
Sponsored Protocol
Analysts believe the $3 million theft may be just the tip of the iceberg. Polymarket has promised to reimburse all victims, but the incident highlights the fragility of DeFi platforms and the importance of regular security audits. A proactive approach, as detailed in the article on Docker Image Security with Trivy and Docker Scout, can significantly reduce the risk of compromise.
For more information on cyberattacks and data protection, refer to the Wikipedia page on cyberattacks.
Source: https://techcrunch.com/2026/06/25/polymarket-says-hackers-stole-users-funds
