Polymarket confirmed a recent account hack affecting multiple users after a vulnerability in a third-party authentication provider allowed unauthorized access and drained balances.
Decentralized prediction market platform Polymarket has confirmed that multiple users were affected by a recent security breach linked to a third-party authentication provider.
Reports of account compromises began surfacing earlier this week on X and Reddit, where users described unauthorized login attempts followed by drained balances.
"Today I woke up and see 3 attempts to login to Polymarket — My device isn’t compromised, Google found nothing suspicious, all other services are fine," one Reddit user wrote.
"So I went to Polymarket and realized that all my deals were closed and balance is $0.01."
Another user reported receiving multiple login alerts before their funds were siphoned, despite not clicking suspicious links and having two-factor authentication (2FA) enabled on their email account.
Users Linked Through Magic Labs Affected
According to multiple social media reports, the breach appears to have primarily impacted users who signed up via Magic Labs — a service that allows email-based logins while automatically creating non-custodial Ethereum wallets.
Magic Labs is commonly used by first-time crypto users who do not already possess digital asset wallets, making it a popular onboarding solution.
Polymarket Responds: No Ongoing Risk
On Tuesday, Polymarket acknowledged the incident in its official Discord channel:
"We recently identified and resolved a security issue affecting a small number of users.
The issue was caused by a vulnerability introduced by a third-party authentication provider."
While Polymarket stated the issue has been resolved and that no ongoing risks remain, it did not disclose:
- The number of users affected
- The total value of funds stolen
- The name of the third-party provider involved
The platform confirmed it will contact impacted users directly. Media outlet The Block has reached out to Polymarket for additional clarification.
A Recurring Security Concern
This incident echoes earlier security issues on the platform:
September 2024 Incident
- Users logging in via Google accounts reported wallet drains
- Attackers exploited proxy function calls to move USDC to phishing addresses
- Polymarket linked the issue to a third-party authentication provider
Recent Phishing Campaign
- Scammers exploited comment sections to post disguised phishing links
- Victims were redirected to fraudulent login pages
- Losses exceeded $500,000
Conclusion
While Polymarket has assured users that the vulnerability has been addressed, the repeated nature of authentication-related exploits highlights ongoing security challenges tied to third-party login providers in crypto platforms.
Key Topics
Crypto New Live
admin@cryptonewslive.org
Polymarket Hack Tied to Third-Party Auth Flaw
Polymarket confirms a security breach affecting users after a third-party authentication vulnerability led to unauthorized logins and drained balances.