Polymarket is currently investigating a security breach that resulted in the theft of approximately $700,000 in POL tokens. This incident was first identified by blockchain investigator ZachXBT, who traced the exploit back to a compromised internal wallet on the Polygon network related to Polymarket's UMA CTF adapter contract.
How did the theft occur? The attackers managed to siphon off funds from the internal wallet and distributed the stolen POL tokens across at least 16 different addresses. These funds were then funneled through centralized exchanges and other services. Analytics from Bubblemaps revealed that the perpetrators extracted around 5,000 POL every 30 seconds until withdrawal activity mysteriously ceased.
Among the latest updates, Polymarket has reported that suspected withdrawals have stopped and confirmed the incident was isolated to their internal operations. Importantly, the safety of user funds has not been compromised, and the core systems remained intact throughout the incident.
In a statement, Polymarket's Shantikiran Chanal explained that the company is actively rotating keys for their backend services and thoroughly investigating any internal secrets that might have been impacted. They appreciate the community's patience during this testing time.
What should investors take away from this? It's crucial for investors to follow updates from platforms they engage with and remain informed about security practices and measures being implemented, especially after incidents like these.