Prediction platform Polymarket announced a security breach affecting approximately eleven user accounts. The company confirmed that unauthorized access resulted in the loss of user funds.
The total damage amounts to approximately $3 million. The attack involved the injection of a malicious script into the platform interface, which allowed unauthorized access to specific account balances.
Resolution and Cause
Polymarket stated that the vulnerability has been patched. The company committed to fully reimbursing all affected users for the stolen funds.
The official cause of the breach remains undisclosed. One affected user indicated that the compromise may be linked to the Xorek Cloud VPS service used for private key storage. Polymarket has not confirmed this theory or identified the specific service provider involved.