TechRadar
Sead Fadilpašić

Prediction market giant Polymarket hit by cyberattack, with company confirming user funds stolen — here is what we know

  • Polymarket prediction platform was hacked via a compromised third‑party vendor dependency, injecting malicious scripts into its frontend
  • Around $3M in crypto stolen from ~11 users, according to PeckShield; Polymarket is refunding victims in full while removing the affected dependency
  • Community reactions on X were critical, with some blaming prior “taunting hackers”; one victim speculated the breach may have involved Xorek Cloud’s VPS

Polymarket, a prediction platform where people trade on the likelihood of different real-world events, got hacked and allegedly lost around $3 million in user funds. The company is now refunding the victims in full.

In a short post published on X earlier this week, Polymarket confirmed the news, saying it discovered that a third-party vendor had been compromised. Through that compromise, the attackers injected a malicious script “into our frontend for some users.”

Since then, Polymarket said it contained the incident and removed the affected dependency, but it did not name the dependency or the third-party vendor that was compromised. It also said it is currently contacting impacted users and refunding them in full, but did not state how many people were affected or how much money is involved.

Context-dependent vulnerabilities

In its write-up, TechCrunch cited blockchain monitoring firm PeckShield, which claims that around $3 million in cryptocurrency was stolen in the attack. The publication also reported that around 11 people were affected. Polymarket allows its users to be paid in crypto.

X users who left comments on Polymarket’s announcement seem utterly unsurprised by the breach. “I spent weeks telling you this and you ignored it,” one person said. “The next time I find a vulnerability, I will sell it to criminal gangs.” Three users suggested Polymarket deserved what had happened for “taunting hackers” in the past. One made a sly joke saying, “how did you not predict this?”

Polymarket did not say which third-party vendor was compromised, but one of the users who lost funds in this attack speculates it happened through Xorek Cloud’s VPS:

“I recently bought a VPS from Xorek Cloud and stored my private key on it,” they said on X. “I'm not sure how the compromise happened, but that's the only possible security risk I can think of.”

Via TechCrunch
