$3 Million Reportedly Stolen in Polymarket Hack

Decentralized prediction market Polymarket has promised to fully refund users affected by a hacker attack that came to light this week. Polymarket is a cryptocurrency-based prediction market platform that enables users to trade on the likely outcomes of real-world events ranging from elections and economic indicators to sports and cultural happenings. The company has shared little information about the incident. “This morning we discovered a 3rd party vendor had been compromised, injecting a malicious script into our frontend for some users. We’ve contained it & removed the affected dependency,” Polymarket said in a Thursday post on X. It noted that impacted users will be contacted and fully refunded, but it did not clarify how many users were affected and how much cryptocurrency was stolen. Blockchain security company PeckShield reported that roughly $3 million worth of pUSD, Polymarket’s USDC-backed trading currency, was stolen via a phishing campaign.  “The attacker bridged the stolen funds from Polygon to Ethereum and swapped them into ~1,893 ETH,” PeckShield said. A blockchain analyst confirmed that the losses total nearly $3 million, with funds stolen from at least 11 victims. It’s unclear who is behind the attack. SecurityWeek has reached out to Polymarket for confirmation of the amount stolen and the number of impacted users. This article will be updated if the company responds.  Related: $290 Million Kelp DAO Crypto Heist Blamed on North Korea Related: CryptoBandits Malware Doubles as a Backdoor, Abuses Tor Related: Dozens of Malicious Crypto Apps Land in Apple App Store Related: International Operation Targets Multimillion-Dollar Crypto Theft Schemes WRITTEN BY Eduard Kovacs Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering. More from Eduard Kovacs Cisco SD-WAN Zero-Day Exploited Months Before Patching Microsoft and Allies Smash Shared Infrastructure of Amadey and StealC Malware macOS Weaknesses Chained to Silently Disable Endpoint Security Agents Third DraftKings Hacker Sentenced to 18 Months in Prison Hackers Exploiting Cisco Unified CM Vulnerability Dragos Unveils AI for OT Security  Algerian Man Extradited to US for Running Cybercrime Marketplaces Trump Signs Executive Order Accelerating Post-Quantum Cryptography Migration  Latest News Linux Foundation Unveils New Open Source Security Project Akrites Russian APT Deploys ‘StockStay’ Backdoor Against Ukrainian Targets First-Ever Exploitation of PTC Windchill Vulnerability Discovered in the Wild New Enterprise-Ready MCP Specification Brings New Security Challenges Philip Martin Joins Uber as Chief Information Security Officer Runlayer Raises $30 Million in Series A Funding Cal Water Says No OT Systems Breached in Iranian Handala Cyberattack Lantronix Serial-to-IP Converter Flaw Exploited in Attacks After OT Threat Warning Trending Webinar: Why Email Security Keeps Failing (And What Has To Change) July 8, 2026 Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more. Register Virtual Event: 2026 Cloud Security Summit July 16, 2026 This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments. Register People on the Move Philip Martin has joined Uber as Chief Information Security Officer. Fable Security has appointed Jacob Berry as Chief Information Security Officer. iCOUNTER has named Ali Waezzadah as Chief Information Security Officer. More People On The Move Expert Insights When Information Becomes The Attack Surface – Understanding AI Agent Traps From hidden content injections to cognitive state poisoning, attackers are turning trusted data sources into traps for autonomous AI. (Etay Maor) What The Latest ShinyHunters Breaches Reveal About Modern Cyberattacks Groups like ShinyHunters are demonstrating that attackers do not necessarily need malware or zero-day exploits to cause massive damage. (Torsten George) No Exploits Required Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures. (Tod Beardsley) After AI Reaches Production: 12 Ways Security Teams Can Take Control Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production. (Joshua Goldfarb) Everybody Is Vibe Coding But Nobody Told The Security Team AI-driven development is not something organizations can or should block. But it must be governed. (Danelle Au) Flipboard Reddit Whatsapp Email