Polymarket Suffers $2.9M Frontend Hack, Pledges Full Refunds
A malicious script injected into Polymarket's frontend drained $2.9M from users. The platform says it contained the breach and will refund those affected.
Polymarket, one of the most prominent decentralized prediction markets in the crypto space, disclosed that attackers managed to steal approximately $2.9 million from users by injecting a malicious script into the platform's frontend interface. The company said it has since contained the compromise and moved quickly to remove the affected software dependency that served as the entry point for the attack.
The nature of the exploit — a supply-chain-style attack targeting a frontend dependency rather than the underlying smart contracts — reflects a broader and increasingly common vulnerability across Web3 platforms. Even when a protocol's core blockchain logic is technically sound, the user-facing layer can introduce significant risk if third-party code libraries are not rigorously vetted or monitored for tampering.
Polymarket's decision to refund affected users is a notable response in an industry where victims of such hacks frequently receive little recourse. The pledge signals a degree of operational accountability that distinguishes the platform from many crypto projects that disclaim liability for frontend-level compromises, though it also raises questions about the financial reserves and insurance mechanisms platforms maintain for exactly these scenarios.
The incident arrives at a sensitive moment for prediction markets broadly, as Polymarket has seen substantial mainstream attention following high-profile political betting cycles. Any erosion of user trust could have outsized consequences for a platform whose value proposition depends entirely on participant confidence in the integrity of its infrastructure. Security audits of frontend dependencies — not just smart contracts — are likely to come under greater scrutiny industry-wide as a result.
Continue reading at Cointelegraph.