Polymarket has pledged to fully reimburse users after hackers stole approximately $2.9 million through a sophisticated phishing attack that compromised a third-party vendor connected to the prediction market platform. Rather than exploiting Polymarket’s smart contracts or blockchain infrastructure, attackers injected malicious code through an external service, tricking a small number of users into approving fraudulent wallet transactions. The incident highlights the growing cybersecurity risks facing crypto platforms as hackers increasingly target third-party software instead of blockchain protocols themselves.
Polymarket confirmed that the exploit was quickly contained and emphasized that its core infrastructure remained secure throughout the incident. The company also announced that every affected user will receive a full refund, reinforcing its commitment to customer protection despite the attack originating outside its primary systems.
According to Polymarket, the breach was caused by a compromise involving a third-party software vendor rather than a vulnerability in the platform’s smart contracts or wallet infrastructure.
The attackers reportedly injected malicious code into portions of Polymarket’s frontend, causing certain users to unknowingly sign fraudulent transactions that transferred cryptocurrency from their wallets. Once the malicious dependency was identified, engineers immediately removed the affected software and isolated the attack before additional users could be impacted. The incident demonstrates how supply-chain attacks are becoming an increasingly common tactic against cryptocurrency platforms.
Blockchain security researchers estimate that hackers successfully stole approximately $2.9 million in cryptocurrency during the attack. Reports indicate that the exploit affected only a relatively small number of users rather than Polymarket’s broader customer base. Blockchain security firm PeckShield estimated that roughly 11 wallets were compromised, making the incident highly targeted despite the significant financial losses.
Unlike exchange hacks that compromise centralized custody, victims in this case unknowingly approved transactions themselves after interacting with the malicious interface.
In response to the attack, Polymarket announced that all affected users will be fully reimbursed. The company stated it has already begun contacting impacted customers directly while processing refunds for the stolen assets. Although the financial loss is substantial, the reimbursement commitment is intended to preserve user confidence as prediction markets continue gaining mainstream attention.
The incident also reflects a growing trend across the crypto industry, where leading platforms increasingly choose to absorb losses from isolated security incidents to protect long-term trust.
One of the most important takeaways from the incident is that Polymarket’s blockchain infrastructure remained intact.
The attack did not exploit:
Instead, hackers exploited the application’s user interface by inserting malicious code through an external software dependency. This distinction is significant because it illustrates that many modern crypto attacks target traditional web infrastructure rather than blockchain technology itself.
Cybercriminals are increasingly shifting away from attempting to break blockchain security directly.
Instead, attackers have focused on compromising:
These attacks often succeed because users trust familiar interfaces, making malicious code much more difficult to detect than obvious phishing emails or fake websites. As blockchain applications become more sophisticated, securing the surrounding software ecosystem has become just as important as protecting smart contracts.
The incident comes during a period of rapid growth for prediction markets. Platforms like Polymarket have attracted millions of users by allowing traders to speculate on elections, sports, financial markets, politics, and real-world events using blockchain technology. The sector has also experienced growing institutional interest as regulated competitors expand into traditional financial markets.
While the attack temporarily raised security concerns, Polymarket’s quick response and reimbursement plan may help limit long-term reputational damage.