$3M Drained in Polymarket Frontend Hack Linked to Third-Party Breach

Polymarket has confirmed that its website frontend was compromised after attackers breached a third-party service and injected malicious code, leading to the theft of roughly $3 million in user assets.

According to on-chain analysis, the incident had a limited scope, affecting fewer than 15 accounts. The stolen assets were primarily denominated in pUSD stablecoins, which were later converted into ETH.

In response, Polymarket said it has removed the malicious code and resolved the underlying vulnerability, restoring platform security. The company also stated that all impacted users will be fully reimbursed. This marks the second security incident affecting the platform in under two months.

Source: Polymarket