Polymarket and Third-party service provider: Polymarket Platform Hit by Cyberattack: Hackers Steal User Funds

Polymarket Hit by $3M Cyberattack Following Third-Party Security Flaw

Polymarket, the world’s largest prediction market, confirmed a cyberattack that resulted in the theft of approximately $3 million in cryptocurrency. The breach stemmed from a security vulnerability in a third-party service provider, which allowed attackers to inject malicious scripts into the platform’s code. The incident, first reported by TechCrunch, targeted a specific segment of users rather than the entire user base.

Blockchain security firm PeckShield and independent analysts revealed that the attack employed a phishing campaign, tricking users into approving fake transactions that drained funds from their wallets. At least 11 major investors were affected, with stolen assets transferred to hacker-controlled addresses. Polymarket has since regained control of the situation, pledging to fully refund all lost funds and directly contacting impacted users.

The breach compounds recent reputational damage for Polymarket, which faced scrutiny earlier this week over deceptive marketing practices. Investigations uncovered that the platform paid social media influencers to promote fake winning videos, misleading users into believing they could replicate such gains. In response, Polymarket committed to an audit of its advertising content, though the cyberattack has further eroded trust in its security and ethical standards.

As prediction markets gain traction ahead of high-profile events, the incident underscores the risks of third-party dependencies and the need for heightened vigilance in cryptocurrency transactions.

Source: https://zamin.uz/en/technology/209189-polymarket-platform-hit-by-cyberattack-hackers-steal-user-funds.html

Polymarket TPRM report: https://www.rankiteo.com/company/polymarket

Third-party service provider TPRM report: https://www.rankiteo.com/company/panorays

"id": "panpol1782419132",
"linkid": "panorays, polymarket",
"type": "Cyber Attack",
"date": "6/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 'At least 11 major investors',
                        'industry': 'Cryptocurrency/FinTech',
                        'name': 'Polymarket',
                        'type': 'Prediction market platform'}],
 'attack_vector': ['Phishing campaign', 'Malicious script injection'],
 'customer_advisories': 'Directly contacted impacted users',
 'data_breach': {'data_exfiltration': 'Stolen assets transferred to '
                                      'hacker-controlled addresses',
                 'sensitivity_of_data': 'High (financial assets)',
                 'type_of_data_compromised': 'Cryptocurrency wallet '
                                             'transactions'},
 'description': 'Polymarket, the world’s largest prediction market, confirmed '
                'a cyberattack that resulted in the theft of approximately $3 '
                'million in cryptocurrency. The breach stemmed from a security '
                'vulnerability in a third-party service provider, which '
                'allowed attackers to inject malicious scripts into the '
                'platform’s code. The incident targeted a specific segment of '
                'users rather than the entire user base. The attack employed a '
                'phishing campaign, tricking users into approving fake '
                'transactions that drained funds from their wallets. At least '
                '11 major investors were affected, with stolen assets '
                'transferred to hacker-controlled addresses. Polymarket has '
                'since regained control of the situation, pledging to fully '
                'refund all lost funds and directly contacting impacted users.',
 'impact': {'brand_reputation_impact': 'Eroded trust in security and ethical '
                                       'standards',
            'financial_loss': '$3 million',
            'operational_impact': 'Funds drained from user wallets',
            'systems_affected': 'Polymarket platform'},
 'initial_access_broker': {'entry_point': 'Third-party service provider '
                                          'vulnerability',
                           'high_value_targets': '11 major investors'},
 'lessons_learned': 'Risks of third-party dependencies and the need for '
                    'heightened vigilance in cryptocurrency transactions',
 'motivation': 'Financial gain',
 'post_incident_analysis': {'corrective_actions': 'Audit of advertising '
                                                  'content, refund of lost '
                                                  'funds',
                            'root_causes': 'Third-party security flaw, '
                                           'phishing campaign'},
 'references': [{'source': 'TechCrunch'}],
 'response': {'containment_measures': 'Regained control of the situation',
              'recovery_measures': 'Directly contacted impacted users',
              'remediation_measures': 'Fully refunded all lost funds',
              'third_party_assistance': 'PeckShield (blockchain security '
                                        'firm)'},
 'title': 'Polymarket Hit by $3M Cyberattack Following Third-Party Security '
          'Flaw',
 'type': 'Cyberattack',
 'vulnerability_exploited': 'Security vulnerability in a third-party service '
                            'provider'}

Polymarket and Third-party service provider: Polymarket Platform Hit by Cyberattack: Hackers Steal User Funds

Klue: Klue Hit by Double Extortion as Second Hacker Group Emerges

California Water Service: Cal Water Says No OT Systems Breached in Iranian Handala Cyberattack

Microsoft: Edge users beware — this malicious extension can break out of the sandbox and install ransomware