Polymarket, a prediction market platform, confirmed that hackers stole funds from a number of different users.
According to Polymarket, the hackers created a malicious script in the user interface for some users, allowing them to steal funds from their accounts.
The platform mentione on recent post on X:
We’ve contained it & removed the affected dependency. We’re contacting impacted users & refunding them in full.
Blockchain monitoring firm PeckShield estimates the total amount stolen was approximately $3 million in cryptocurrency.
About 11 users of the platform were affected by the incident and lost their funds. Since Polymarket makes payments in cryptocurrency, the impact was immediate for those affected.
Polymarket spokesperson Connor Brandi confirmed that the hacker had stolen user funds but declined to provide any other information about what happened or to answer other questions about the incident.
A VPS service provided by Xorek Cloud is suspected to have been accessed compromised in the opinion of one victim that shares their private key with their VPS. “I recently bought a VPS from Xorek Cloud and stored my private key on it. I’m not sure how the compromise happened, but that’s the only possible security risk I can think of,” the user said.
Several commenters were trolling the Polymarket platform, essentially telling it to stop “taunting hackers” because they deserve to be hacked. Another person laughed and asked “how did you not predict this?”
Polymarket has not indicated which provider had the breach.
