Polymarket customers lose $3 million in supply-chain attack
Polymarket, a cryptocurrency-based prediction market platform, suffered a supply-chain attack where hackers injected malicious JavaScript into the frontend via a third-party vendor breach. This led to an estimated $3 million stolen from fewer than 15 user accounts through fraudulent transaction approvals. Polymarket's backend and servers were not compromised. The company has committed to fully reimbursing affected customers. The stolen funds were converted from ParyonUSD to Ether and moved across blockchain networks.
AI Analysis
Technical Summary
The threat involves a supply-chain attack targeting Polymarket's frontend by exploiting a compromised third-party vendor dependency. Malicious JavaScript was injected into the platform's website, tricking users into approving fraudulent transactions. The attack did not affect Polymarket's backend infrastructure. Blockchain intelligence firms estimate losses of approximately $3 million from under 15 accounts. The attacker converted stolen ParyonUSD into roughly 1,893 Ether and moved the funds from the Polygon to the Ethereum blockchain. Polymarket announced full reimbursement for affected users but has not provided detailed technical disclosures.
Potential Impact
Approximately $3 million was stolen from a small number of Polymarket user accounts due to fraudulent transaction approvals caused by malicious script injection. The platform's backend and servers remained secure, limiting the breach scope to frontend compromise via a third-party vendor. The financial loss impacts affected users directly, but Polymarket's commitment to full reimbursement mitigates long-term user financial damage. The incident highlights risks associated with supply-chain dependencies in web platforms.
Mitigation Recommendations
Polymarket has committed to fully reimbursing customers who lost funds in this incident. Since the attack exploited a third-party vendor dependency, remediation should focus on securing and auditing all supply-chain components and dependencies. Users should remain vigilant for phishing attempts and unauthorized transaction requests. Patch status is not yet confirmed—check Polymarket's official advisories for updates on fixes or vendor mitigations. No direct patch or fix details are currently available.
Polymarket customers lose $3 million in supply-chain attack
Description
Polymarket, a cryptocurrency-based prediction market platform, suffered a supply-chain attack where hackers injected malicious JavaScript into the frontend via a third-party vendor breach. This led to an estimated $3 million stolen from fewer than 15 user accounts through fraudulent transaction approvals. Polymarket's backend and servers were not compromised. The company has committed to fully reimbursing affected customers. The stolen funds were converted from ParyonUSD to Ether and moved across blockchain networks.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The threat involves a supply-chain attack targeting Polymarket's frontend by exploiting a compromised third-party vendor dependency. Malicious JavaScript was injected into the platform's website, tricking users into approving fraudulent transactions. The attack did not affect Polymarket's backend infrastructure. Blockchain intelligence firms estimate losses of approximately $3 million from under 15 accounts. The attacker converted stolen ParyonUSD into roughly 1,893 Ether and moved the funds from the Polygon to the Ethereum blockchain. Polymarket announced full reimbursement for affected users but has not provided detailed technical disclosures.
Potential Impact
Approximately $3 million was stolen from a small number of Polymarket user accounts due to fraudulent transaction approvals caused by malicious script injection. The platform's backend and servers remained secure, limiting the breach scope to frontend compromise via a third-party vendor. The financial loss impacts affected users directly, but Polymarket's commitment to full reimbursement mitigates long-term user financial damage. The incident highlights risks associated with supply-chain dependencies in web platforms.
Mitigation Recommendations
Polymarket has committed to fully reimbursing customers who lost funds in this incident. Since the attack exploited a third-party vendor dependency, remediation should focus on securing and auditing all supply-chain components and dependencies. Users should remain vigilant for phishing attempts and unauthorized transaction requests. Patch status is not yet confirmed—check Polymarket's official advisories for updates on fixes or vendor mitigations. No direct patch or fix details are currently available.
Technical Details
- Article Source
- {"url":"https://www.bleepingcomputer.com/news/security/polymarket-customers-lose-3-million-in-supply-chain-attack/","fetched":true,"fetchedAt":"2026-06-26T18:12:16.755Z","wordCount":609}
Threat ID: 6a3ec100d9e07477746fa52d
Added to database: 06/26/2026, 18:12:16 UTC
Last enriched: 06/26/2026, 18:12:24 UTC
Last updated: 06/26/2026, 18:47:05 UTC
Views: 8
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.