Polymarket users lose $3 million after frontend hack

A suspected phishing attack targeting one of Polymarket’s third-party vendors has resulted in $3 million worth of crypto being stolen from users.

The Polymarket Traders X account revealed that the firm discovered on Thursday morning that its third-party vendor had been compromised. It claims that hackers then injected “a malicious script into our frontend for some users.” 

It also claims that the firm has contained the issue and removed “the affected dependency.” Finally, it reassured users that it will fully refund those affected.

Crypto security analyst Specter tracked the hack, noting that there was a potential “phishing attack targeting Polymarket users.”

It estimated that the attackers had stolen almost $3 million from 11 victim wallets. Each victim was in possession of Polymarket stablecoin PUSD. 

It appears there may be a phishing attack targeting Polymarket users, with estimated losses of $2.94M so far.

The attacker has drained funds from 11+ victim wallets holding PUSD, swapped the stolen assets for ETH, and consolidated the proceeds into the following address:… pic.twitter.com/6WfS0JhdDG

— Specter (@SpecterAnalyst) June 25, 2026

Read more: American Indian tribes want Kalshi and Polymarket off their land

This stolen crypto was then swapped for ETH before being redirected to this address: 0xe65b1C586757c5510B60F998Eebb14C1eF71E1eD.

Just last month, Polymarket suffered another hack after an exploited private key lost the company $700,000.

The company stressed that the theft was caused by an old private that had been compromised rather than a hack related to its contracts and core infrastructure.

Protos has reached out to Polymarket for comment and will update this piece should we hear anything back.

Got a tip? Send us an email securely via Protos Leaks. For more informed news and investigations, follow us on X, Bluesky, and Google News, or subscribe to our YouTube channel.