Polymarket Says $2.94M Stolen in Front-End Phishing Attack, Pledges Full User Refunds
Polymarket says it will fully reimburse users after a front-end phishing incident that blockchain analyst Specter estimates drained about $2.94 million from at least 11 wallets.
Specter said the attack began with a compromise at a third-party vendor, allowing the attackers to inject malicious code into Polymarket’s front end. The injected script allegedly guided users into a phishing flow in which they could be tricked into signing or approving actions that moved funds, rather than completing legitimate transactions.
Polymarket posted on X that it has identified and contained the issue, removed the affected dependency, and will refund impacted users in full. Cointelegraph reported it sought additional comment but had not received a response by publication.
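The attack path described above, a third-party dependency injecting code into the front end, is the scenario that Subresource Integrity (SRI) pinning on script tags is meant to catch: a vendor-served script whose bytes change no longer matches its pinned hash and the browser refuses to run it. The audit below is an added example, not Polymarket's code; the HTML and host names are constructed, and the SRI hash value in the sample is a placeholder.

```python
import base64
import hashlib
import re
from urllib.parse import urlparse

# Constructed sample of a front-end page (hypothetical hosts, not a real site).
SAMPLE_HTML = """
<html><head>
<script src="/static/app.js"></script>
<script src="https://cdn.example-vendor.test/widget.js"></script>
<script src="https://cdn.example-vendor.test/lib.js"
        integrity="sha384-PLACEHOLDER" crossorigin="anonymous"></script>
</head></html>
"""

SCRIPT_TAG = re.compile(r"<script\b([^>]*)>", re.IGNORECASE)
ATTR = re.compile(r'(\w[\w-]*)\s*=\s*"([^"]*)"')


def sri_hash(content: bytes, algo: str = "sha384") -> str:
    """Return the SRI 'integrity' value for a script body: algo-<base64 digest>."""
    digest = hashlib.new(algo, content).digest()
    return f"{algo}-{base64.b64encode(digest).decode()}"


def audit_scripts(html: str, first_party_host: str) -> list[dict]:
    """List every external script tag with whether it is third-party and SRI-pinned."""
    findings = []
    for match in SCRIPT_TAG.finditer(html):
        attrs = dict(ATTR.findall(match.group(1)))
        src = attrs.get("src")
        if not src:
            continue  # inline script, nothing to pin
        host = urlparse(src).netloc
        third_party = bool(host) and host != first_party_host
        # A pin only works with both attributes: integrity hash plus CORS mode.
        pinned = "integrity" in attrs and attrs.get("crossorigin") == "anonymous"
        findings.append({"src": src, "third_party": third_party, "pinned": pinned})
    return findings


def unpinned_third_party(html: str, first_party_host: str) -> list[str]:
    """Scripts loaded from other origins that a vendor compromise could silently swap."""
    return [f["src"] for f in audit_scripts(html, first_party_host)
            if f["third_party"] and not f["pinned"]]


if __name__ == "__main__":
    print(unpinned_third_party(SAMPLE_HTML, "app.example.test"))
```

SRI only helps for scripts whose content is fixed at build time; a vendor that serves continuously changing code cannot be pinned this way and needs to be self-hosted or reviewed before each release.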
The incident lands amid a broader rise in crypto security breaches tracked by DefiLlama. According to the data cited, June losses reached $74.9 million across 29 reported incidents, up from $60.5 million in May, though still far below April’s $644 million. DefiLlama also flags the second quarter as the most-hacked on record by incident count.
DefiLlama’s June tallies were driven by several large events, including a $36 million Humanity Protocol exploit, a $4.7 million Secret Network bridge exploit, two separate Aztec exploits worth $2.1 million each, and a $1.7 million Taiko bridge exploit. The clustering of losses again highlights ongoing risks tied to cross-chain bridges and complex protocol integrations.
Over the last 30 days, DefiLlama attributes the largest share of losses to private key compromises (43%), followed by "fake proof" exploits (10%) and reverse MEV honeypots (8%). Specter characterized the Polymarket case as a front-end injection leading to phishing, underscoring how supply-chain weaknesses can be combined with user-targeted deception.
Polymarket has faced recent security scrutiny. About a month earlier, the company disclosed a separate $600,000 exploit tied to a six-year-old private key used for internal top-up operations. Polymarket VP of engineering Josh Stevens said at the time that user funds and contracts were safe and that permissions linked to the key had been revoked.
With Polymarket saying the compromised dependency has been removed and refunds are coming, users and investors will be watching for any follow-on scams that could persist through cached pages, third-party scripts, or renewed attempts to obtain user approvals. More broadly, the market will track whether the record incident pace continues into the rest of the quarter and whether phishing-style attacks increase alongside private key compromises.