1 hour ago
11
Polymarket is probing a security incident after attackers used a compromised internal Polygon wallet to siphon roughly $700,000 worth of POL.
Blockchain sleuth ZachXBT first flagged the exploit and identified connections to a Polymarket UMA CTF adapter contract.
The stolen funds were split across at least 15 addresses and routed through centralized exchanges and other services. According to onchain analytics platform Bubblemaps, attackers extracted around 5,000 POL every 30 seconds before suspicious withdrawals ceased.
UPDATE: ~$700k exploited
• Suspected withdrawals have stopped
• Polymarket said the incident was isolated and user funds are safe
The stolen funds were split across 16 addresses and routed through CEXs and other services
Exploiter addresses:… https://t.co/gSXWv7UywX
— Bubblemaps (@bubblemaps) May 22, 2026
Polymarket’s Shantikiran Chanal said in a statement that the incident was isolated to their internal operations infrastructure and confirmed that user funds and core systems were not affected.
We are rotating keys in our backend services, we are investigating any other internal secrets that might have been affected.
Thank you guys for your patience!
— Shantikiran Chanal (@ShantikiranC) May 22, 2026
Disclosure: This article was edited by Vivian Nguyen. For more information on how we create and review content, see our Editorial Policy.
English (US) ·