{"id":48198,"date":"2026-06-26T07:04:50","date_gmt":"2026-06-26T07:04:50","guid":{"rendered":"https:\/\/cryptd.in\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\/"},"modified":"2026-06-26T07:04:50","modified_gmt":"2026-06-26T07:04:50","slug":"polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack","status":"publish","type":"post","link":"https:\/\/cryptd.in\/nl\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\/","title":{"rendered":"Polymarket to Refund Users After Hackers Steal $3M in Frontend Attack"},"content":{"rendered":"<p>Polymarket confirmed Friday that a compromised third-party vendor allowed attackers to inject malicious code into its frontend, draining about $3 million from fewer than 15 user accounts.<\/p>\n<p>The platform says it will fully refund all affected users.<\/p>\n<h2>What Happened<\/h2>\n<p>The attack was first flagged by on-chain security researcher Specter, who <a href=\"https:\/\/x.com\/SpecterAnalyst\/status\/2070152064051605517?s=20\">posted<\/a> that an apparent phishing campaign had drained funds from more than 11 victim wallets holding Polymarket\u2019s PUSD stablecoin.<\/p>\n<p>At the time, they estimated losses at $2.94 million, with PeckShield confirming the figure shortly after and <a href=\"https:\/\/x.com\/PeckShieldAlert\/status\/2070157742514618443?s=20\">noting<\/a> that the attacker had bridged the stolen funds from Polygon to Ethereum and converted them into 1,893 ETH.<\/p>\n<p>The prediction market <a href=\"https:\/\/x.com\/PolymarketTrade\/status\/2070155882906730671?s=20\">acknowledged<\/a> the breach through one of its official accounts, Polymarket Traders.<\/p>\n<blockquote>\n<p>\u201cThis morning we discovered a 3rd party vendor had been compromised, injecting a malicious script into our frontend for some users. We\u2019ve contained it and removed the affected dependency,\u201d it wrote on X. \u201cWe\u2019re contacting impacted users and refunding them in full.\u201d<\/p>\n<\/blockquote>\n<p>William LeGate, who works closely with the platform, echoed news about the compensation, <a href=\"https:\/\/x.com\/williamlegate\/status\/2070156180802941117?s=20\">repeating<\/a> that the issue had been resolved and that affected users would get back their money in full.<\/p>\n<p>Another blockchain security account, GoPlus Security, <a href=\"https:\/\/x.com\/GoPlusSecurity\/status\/2070344479404597483?s=20\">described<\/a> the incident as a supply chain attack. It said that the malicious code affected about 15 accounts, with losses totaling $3 million, a conclusion that was also reached by Bubblemaps, which praised Polymarket\u2019s response after the losses were contained.<\/p>\n<h2>A Recurring Problem<\/h2>\n<p>This is not the first time Polymarket has been hit. Last month, the platform disclosed another breach in which an admin wallet used for employee reward top-ups was drained of about $700,000, likely through a private key compromise. At first, crypto sleuth ZachXBT had <a href=\"https:\/\/cryptopotato.com\/polymarket-admin-wallet-exploited-on-polygon-says-zachxbt\/\">estimated<\/a> the losses to be around $520,000, with Bubblemaps later quoting the higher figure after tracking the funds across several addresses.<\/p>\n<p>Developer Josh Stevens <a href=\"https:\/\/x.com\/devjoshstevens\/status\/2057768173915484505?s=20\">confirmed<\/a> at the time that a 6-year-old private key had been exposed through an internal configuration and that the company had since rotated credentials and moved to key management services. However, that incident did not touch user funds or core contracts.<\/p>\n<p>While the two incidents involved different attack methods, they both targeted systems outside Polymarket\u2019s prediction markets themselves. Furthermore, the latest one has come at a time when the platform is already navigating other reputational headwinds, including a recent report by the Wall Street Journal, which claimed that it had <a href=\"https:\/\/cryptopotato.com\/how-polymarket-reportedly-used-fake-winning-bets-to-drive-viral-growth\/\">paid<\/a> college-age creators between $2,000 and $3,000 per month to post videos of staged bets on dummy versions of the Polymarket website, with not even one of the over 1,100 clips traceable to real blockchain activity.<\/p>\n<p>There was also another controversy early this month when a trader <a href=\"https:\/\/cryptopotato.com\/trader-claims-polymarket-scammed-him-for-500k-on-microstrategys-bitcoin-sale-market\/\">claimed<\/a> that they had lost $500,000 after the prediction service allegedly changed resolution rules for a market tied to Strategy\u2019s Bitcoin sale.<\/p>\n<p>De post <a href=\"https:\/\/cryptopotato.com\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\/\">Polymarket to Refund Users After Hackers Steal $3M in Frontend Attack<\/a> verscheen eerst op <a href=\"https:\/\/cryptopotato.com\/\" rel=\"nofollow\">CryptoPotato<\/a>.<\/p>","protected":false},"excerpt":{"rendered":"<p>Polymarket confirmed Friday that a compromised third-party vendor allowed attackers to inject malicious code into its frontend, draining about $3 million from fewer than 15 user accounts. The platform says it will fully refund all affected users. What Happened The attack was first flagged by on-chain security researcher Specter, who posted that an apparent phishing [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":48200,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-48198","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-feeds"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.9 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Polymarket to Refund Users After Hackers Steal $3M in Frontend Attack - cryptd.in<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/cryptd.in\/nl\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\/\" \/>\n<meta property=\"og:locale\" content=\"nl_NL\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Polymarket to Refund Users After Hackers Steal $3M in Frontend Attack - cryptd.in\" \/>\n<meta property=\"og:description\" content=\"Polymarket confirmed Friday that a compromised third-party vendor allowed attackers to inject malicious code into its frontend, draining about $3 million from fewer than 15 user accounts. The platform says it will fully refund all affected users. What Happened The attack was first flagged by on-chain security researcher Specter, who posted that an apparent phishing [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/cryptd.in\/nl\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\/\" \/>\n<meta property=\"og:site_name\" content=\"cryptd.in\" \/>\n<meta property=\"article:published_time\" content=\"2026-06-26T07:04:50+00:00\" \/>\n<meta name=\"author\" content=\"cryptd.in\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Geschreven door\" \/>\n\t<meta name=\"twitter:data1\" content=\"cryptd.in\" \/>\n\t<meta name=\"twitter:label2\" content=\"Geschatte leestijd\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minuten\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/cryptd.in\\\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/cryptd.in\\\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\\\/\"},\"author\":{\"name\":\"cryptd.in\",\"@id\":\"https:\\\/\\\/cryptd.in\\\/#\\\/schema\\\/person\\\/7973e8183bc6723b86adfe84d5af0ce4\"},\"headline\":\"Polymarket to Refund Users After Hackers Steal $3M in Frontend Attack\",\"datePublished\":\"2026-06-26T07:04:50+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/cryptd.in\\\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\\\/\"},\"wordCount\":489,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/cryptd.in\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/cryptd.in\\\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/cryptd.in\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/Polymarket-ai5UJx.jpg\",\"articleSection\":[\"Feeds\"],\"inLanguage\":\"nl-NL\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/cryptd.in\\\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/cryptd.in\\\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\\\/\",\"url\":\"https:\\\/\\\/cryptd.in\\\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\\\/\",\"name\":\"Polymarket to Refund Users After Hackers Steal $3M in Frontend Attack - cryptd.in\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/cryptd.in\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/cryptd.in\\\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/cryptd.in\\\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/cryptd.in\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/Polymarket-ai5UJx.jpg\",\"datePublished\":\"2026-06-26T07:04:50+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/cryptd.in\\\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\\\/#breadcrumb\"},\"inLanguage\":\"nl-NL\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/cryptd.in\\\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"nl-NL\",\"@id\":\"https:\\\/\\\/cryptd.in\\\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\\\/#primaryimage\",\"url\":\"https:\\\/\\\/cryptd.in\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/Polymarket-ai5UJx.jpg\",\"contentUrl\":\"https:\\\/\\\/cryptd.in\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/Polymarket-ai5UJx.jpg\",\"width\":1351,\"height\":810},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/cryptd.in\\\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/cryptd.in\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Polymarket to Refund Users After Hackers Steal $3M in Frontend Attack\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/cryptd.in\\\/#website\",\"url\":\"https:\\\/\\\/cryptd.in\\\/\",\"name\":\"cryptd.in\",\"description\":\"Alternative LinkedIn for Crypto-friendly Talents\",\"publisher\":{\"@id\":\"https:\\\/\\\/cryptd.in\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/cryptd.in\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"nl-NL\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/cryptd.in\\\/#organization\",\"name\":\"cryptd.in\",\"url\":\"https:\\\/\\\/cryptd.in\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"nl-NL\",\"@id\":\"https:\\\/\\\/cryptd.in\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/cryptd.in\\\/wp-content\\\/uploads\\\/2024\\\/05\\\/cryptdin_logo.jpg\",\"contentUrl\":\"https:\\\/\\\/cryptd.in\\\/wp-content\\\/uploads\\\/2024\\\/05\\\/cryptdin_logo.jpg\",\"width\":900,\"height\":900,\"caption\":\"cryptd.in\"},\"image\":{\"@id\":\"https:\\\/\\\/cryptd.in\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/cryptd.in\\\/#\\\/schema\\\/person\\\/7973e8183bc6723b86adfe84d5af0ce4\",\"name\":\"cryptd.in\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"nl-NL\",\"@id\":\"https:\\\/\\\/cryptd.in\\\/wp-content\\\/litespeed\\\/avatar\\\/0b38230b9c4987de71d8ea131b2d0c60.jpg?ver=1782237327\",\"url\":\"https:\\\/\\\/cryptd.in\\\/wp-content\\\/litespeed\\\/avatar\\\/0b38230b9c4987de71d8ea131b2d0c60.jpg?ver=1782237327\",\"contentUrl\":\"https:\\\/\\\/cryptd.in\\\/wp-content\\\/litespeed\\\/avatar\\\/0b38230b9c4987de71d8ea131b2d0c60.jpg?ver=1782237327\",\"caption\":\"cryptd.in\"},\"sameAs\":[\"http:\\\/\\\/cryptd.in\"],\"url\":\"https:\\\/\\\/cryptd.in\\\/nl\\\/author\\\/cryptd-in\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Polymarket to Refund Users After Hackers Steal $3M in Frontend Attack - cryptd.in","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/cryptd.in\/nl\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\/","og_locale":"nl_NL","og_type":"article","og_title":"Polymarket to Refund Users After Hackers Steal $3M in Frontend Attack - cryptd.in","og_description":"Polymarket confirmed Friday that a compromised third-party vendor allowed attackers to inject malicious code into its frontend, draining about $3 million from fewer than 15 user accounts. The platform says it will fully refund all affected users. What Happened The attack was first flagged by on-chain security researcher Specter, who posted that an apparent phishing [&hellip;]","og_url":"https:\/\/cryptd.in\/nl\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\/","og_site_name":"cryptd.in","article_published_time":"2026-06-26T07:04:50+00:00","author":"cryptd.in","twitter_card":"summary_large_image","twitter_misc":{"Geschreven door":"cryptd.in","Geschatte leestijd":"2 minuten"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/cryptd.in\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\/#article","isPartOf":{"@id":"https:\/\/cryptd.in\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\/"},"author":{"name":"cryptd.in","@id":"https:\/\/cryptd.in\/#\/schema\/person\/7973e8183bc6723b86adfe84d5af0ce4"},"headline":"Polymarket to Refund Users After Hackers Steal $3M in Frontend Attack","datePublished":"2026-06-26T07:04:50+00:00","mainEntityOfPage":{"@id":"https:\/\/cryptd.in\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\/"},"wordCount":489,"commentCount":0,"publisher":{"@id":"https:\/\/cryptd.in\/#organization"},"image":{"@id":"https:\/\/cryptd.in\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\/#primaryimage"},"thumbnailUrl":"https:\/\/cryptd.in\/wp-content\/uploads\/2026\/06\/Polymarket-ai5UJx.jpg","articleSection":["Feeds"],"inLanguage":"nl-NL","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/cryptd.in\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/cryptd.in\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\/","url":"https:\/\/cryptd.in\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\/","name":"Polymarket to Refund Users After Hackers Steal $3M in Frontend Attack - cryptd.in","isPartOf":{"@id":"https:\/\/cryptd.in\/#website"},"primaryImageOfPage":{"@id":"https:\/\/cryptd.in\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\/#primaryimage"},"image":{"@id":"https:\/\/cryptd.in\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\/#primaryimage"},"thumbnailUrl":"https:\/\/cryptd.in\/wp-content\/uploads\/2026\/06\/Polymarket-ai5UJx.jpg","datePublished":"2026-06-26T07:04:50+00:00","breadcrumb":{"@id":"https:\/\/cryptd.in\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\/#breadcrumb"},"inLanguage":"nl-NL","potentialAction":[{"@type":"ReadAction","target":["https:\/\/cryptd.in\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\/"]}]},{"@type":"ImageObject","inLanguage":"nl-NL","@id":"https:\/\/cryptd.in\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\/#primaryimage","url":"https:\/\/cryptd.in\/wp-content\/uploads\/2026\/06\/Polymarket-ai5UJx.jpg","contentUrl":"https:\/\/cryptd.in\/wp-content\/uploads\/2026\/06\/Polymarket-ai5UJx.jpg","width":1351,"height":810},{"@type":"BreadcrumbList","@id":"https:\/\/cryptd.in\/polymarket-to-refund-users-after-hackers-steal-3m-in-frontend-attack\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/cryptd.in\/"},{"@type":"ListItem","position":2,"name":"Polymarket to Refund Users After Hackers Steal $3M in Frontend Attack"}]},{"@type":"WebSite","@id":"https:\/\/cryptd.in\/#website","url":"https:\/\/cryptd.in\/","name":"cryptd.in","description":"Alternatieve LinkedIn voor cryptovriendelijke talenten","publisher":{"@id":"https:\/\/cryptd.in\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/cryptd.in\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"nl-NL"},{"@type":"Organization","@id":"https:\/\/cryptd.in\/#organization","name":"cryptd.in","url":"https:\/\/cryptd.in\/","logo":{"@type":"ImageObject","inLanguage":"nl-NL","@id":"https:\/\/cryptd.in\/#\/schema\/logo\/image\/","url":"https:\/\/cryptd.in\/wp-content\/uploads\/2024\/05\/cryptdin_logo.jpg","contentUrl":"https:\/\/cryptd.in\/wp-content\/uploads\/2024\/05\/cryptdin_logo.jpg","width":900,"height":900,"caption":"cryptd.in"},"image":{"@id":"https:\/\/cryptd.in\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/cryptd.in\/#\/schema\/person\/7973e8183bc6723b86adfe84d5af0ce4","name":"cryptd.in","image":{"@type":"ImageObject","inLanguage":"nl-NL","@id":"https:\/\/cryptd.in\/wp-content\/litespeed\/avatar\/0b38230b9c4987de71d8ea131b2d0c60.jpg?ver=1782237327","url":"https:\/\/cryptd.in\/wp-content\/litespeed\/avatar\/0b38230b9c4987de71d8ea131b2d0c60.jpg?ver=1782237327","contentUrl":"https:\/\/cryptd.in\/wp-content\/litespeed\/avatar\/0b38230b9c4987de71d8ea131b2d0c60.jpg?ver=1782237327","caption":"cryptd.in"},"sameAs":["http:\/\/cryptd.in"],"url":"https:\/\/cryptd.in\/nl\/author\/cryptd-in\/"}]}},"_links":{"self":[{"href":"https:\/\/cryptd.in\/nl\/wp-json\/wp\/v2\/posts\/48198","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cryptd.in\/nl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cryptd.in\/nl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cryptd.in\/nl\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cryptd.in\/nl\/wp-json\/wp\/v2\/comments?post=48198"}],"version-history":[{"count":0,"href":"https:\/\/cryptd.in\/nl\/wp-json\/wp\/v2\/posts\/48198\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cryptd.in\/nl\/wp-json\/wp\/v2\/media\/48200"}],"wp:attachment":[{"href":"https:\/\/cryptd.in\/nl\/wp-json\/wp\/v2\/media?parent=48198"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cryptd.in\/nl\/wp-json\/wp\/v2\/categories?post=48198"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cryptd.in\/nl\/wp-json\/wp\/v2\/tags?post=48198"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}