RSS

Polymarket customers lose $3M in supply-chain attack

01-_-1 pts0 comments

Polymarket customers lose $3 million in supply-chain attack

Home<br>News<br>Security<br>Polymarket customers lose $3 million in supply-chain attack

Polymarket customers lose $3 million in supply-chain attack

By Bill Toulas

June 26, 2026

02:04 PM

Polymarket says it will fully reimburse customers who lost an estimated $3 million after hackers injected a malicious script into the platform's frontend following a breach at a third-party vendor.

The company states in a brief announcement that the hack was the result of a supply-chain attack that impacted a dependency on its website.

Polymarket is one of the world's largest cryptocurrency-based prediction markets that allows users to trade contracts with prices that reflect the market's collective estimate of an event's outcome.

It offers predictions for sports, economic indicators, weather patterns, awards, political and legislative outcomes, and even military conflicts.

Founded in 2020, the platform is currently valued at $9 billion, handles billions of dollars in trading volume, and serves as an influential source of information on market expectations.

During the attack, unsuspecting users were tricked into approving fraudulent transactions on the official Polymarket website after malicious JavaScript was injected through a frontend vendor.

Polymarket&rsquo;s own servers and backend infrastructure were not impacted by the incident.

The company did not share many details about the event, but independent blockchain intelligence firms estimate the losses at roughly $3 million, stolen from a small number of accounts.

According to blockchain security firm PeckShield, the incident was a phishing campaign that stole approximately $3 million worth of ParyonUSD from users. The stolen funds were later swapped for 1,893 Ether.

"The attacker bridged the stolen funds from #Polygon to #Ethereum and swapped them into ~1,893 $ETH," PeckShield says.

Transaction tracking<br>Source: PeckShield

Based on visual analytics company Bubblemaps, the incident has impacted less than 15 accounts. The company published a list of some of the affected accounts as well as the wallets holding the stolen funds.

BleepingComputer has contacted Polymarket to request more details about the incident, but we have not received a response by publication time.

Test every layer before attackers do

Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.<br>The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.

Get the whitepaper

Related Articles:

LastPass confirms data breach in Klue supply chain attack<br>ShapedPlugin update flow hacked to infect WordPress sites<br>OptinMonster WordPress plugin hacked in CDN supply-chain attack<br>GitHub announces npm security changes to tackle supply-chain attacks<br>GitHub disables Microsoft repos pushing password-stealing malware

CryptoCurrency

Phishing

Polymarket

Supply Chain

Supply Chain Attack

Third-Party Data Breach

Bill Toulas

Bill Toulas is a tech writer and infosec news reporter with over a decade of experience working on various online publications, covering open-source, Linux, malware, data breach incidents, and hacks.

Previous Article

Next Article

Post a Comment Community Rules

You need to login in order to post a comment

Not a member yet? Register Now

You may also like:

Upcoming Webinar

Popular Stories

Microsoft quietly extends free Windows 10 ESU support to October 2027

Poland busts SIM-swapping gang tied to millions in crypto theft

New macOS malware embeds fake errors to confuse AI analysis tools

Sponsor Posts

Build a GRC agent in minutes, no code. Get early access to Agent Studio.

Prove any CVE is exploitable without firing an exploit. Read the TTP-chaining guide.

VOIP Detection with Phone.com and IPQS

CTI Starter Kit + 2026 SANS CTI Survey

Overdue a password health-check? Audit your Active Directory for free

Upcoming Webinar

Login

Username

Password

Remember Me

Sign in anonymously

Sign in with Twitter

Not a member yet? Register Now

Reporter

Help us understand the problem. What is going on with this comment?

Spam

Abusive or Harmful

Inappropriate content

Strong language

Other

Read our posting guidelinese to learn what content is prohibited.

Submitting...

SUBMIT

polymarket supply chain attack million customers

Related Articles

Is AI ruining our skills? Early results are in – and they're not good

Michelangelo1124 ptstools skills during physicians colonoscopies tool

The Anatomy of an AI-Native Org

kiyanwang22 ptstranslated managers business translation language engineering

Apertus – Open Foundation Model for Sovereign AI

T-A16 ptsopen model apertus foundation sovereign fully

How to Earn a Billion Dollars

kingstoned15 ptsmonth become startup growth years billionaire

Italy's Meloni says Trump 'made up' story that she 'begged' him for photo at G7

root-parent13 ptsmeloni trump italy said italian begged
terms · privacy · disclaimer · contact · policy
© 2026 NewsHub. All rights reserved.
This site is for informational purposes only. Content is aggregated from publicly available sources. We may earn commissions through affiliate links. Not affiliated with Y Combinator or Hacker News.