Skip to main content
Sign in

Polymarket — June 2026 Supply Chain Attack

avoid.net/polymarket-june-2026-supply-chain-attack38/100·82% conf.
[AI-DRAFTED · AWAITING VERIFICATION]
anchored·2z8xuJ…4opa

Summary

On June 25, 2026, Polymarket, a prominent prediction market platform, suffered a supply chain attack through a compromised third-party frontend vendor. Attackers injected malicious JavaScript that drained approximately $3.1 million in pUSD from at least 11 user wallets on Polygon, with stolen funds bridged to Ethereum and converted to roughly 1,893 ETH. The incident occurred against a backdrop of a concurrent CFTC marketing-fraud investigation and a prior private key compromise in May 2026.

Connected Entities

1 entities · 10 linked investigations
Organizations
Polymarket — June 2026 Supply Chain Attack
Relationships
    Also appears in
    edgeX Exchange·28Mach-O Man Malware Campaign (Lazarus / Chollima)·0Trenton Richard Johnston·2Q2 2026 DeFi Record Hack Wave·0Alephium Bridge·18Bunni Protocol·28BitGrail·2Shunda Park Scam Compound·0Chen Zhi / Prince Group·2Thorchain DEX·28
    Have evidence about Polymarket — June 2026 Supply Chain Attack?

    Timeline(8 events)

    2025-07-01

    CFTC and DOJ drop prior inquiries into Polymarket.

    Crypto Briefing

    2025-12-01

    Polymarket launches CFTC-regulated exchange for U.S. customers.

    Crypto Briefing

    2026-04-01

    Polymarket launches pUSD, an ERC-20 stablecoin backed 1:1 by USDC, as primary collateral on Polygon.

    Our Crypto Talk

    2026-05-22

    ZachXBT flags suspicious on-chain activity on Polygon linked to Polymarket. Attacker exploits a compromised private key belonging to an internal operations wallet and drains between $520,000 and $700,000. Polymarket states user funds and contracts are safe.

    CoinDesk

    2026-06-20

    The Wall Street Journal publishes an investigation alleging Polymarket used influencers in promotional videos depicting fake winning bets with no real money wagered; approximately 70 percent of videos reviewed contained allegedly deceptive content.

    Crypto Briefing

    2026-06-25

    Supply chain attack occurs. A compromised third-party frontend vendor injects malicious JavaScript into Polymarket's website. At least 11 user wallets are drained of approximately $2.94–$3.1 million in pUSD on Polygon. Stolen funds are bridged to Ethereum and swapped for approximately 1,893 ETH, consolidated into address 0xe65b1C586757c5510B60F998Eebb14C1eF71E1eD.

    Crypto Briefing / Our Crypto Talk

    2026-06-25

    Polymarket confirms the breach, removes the compromised dependency, and pledges full refunds to affected users. The compromised vendor is not named publicly.

    Crypto Times

    2026-06-26

    CNBC reports the CFTC has opened a new investigation into Polymarket's marketing practices, citing a source with knowledge of the inquiry. U.S. senators urge the CFTC to probe the platform's alleged deceptive advertising.

    CNBC
    Provenance & Audit Trail
    Anchored on SolanaVerify on-chain

    Decision Log

    This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.

    full audit log →version history →

    model: claude-sonnet-4-6

    generated: 6/28/2026, 5:08:17 PM

    last updated: 6/28/2026, 5:08:26 PM

    avoid.net — verified advice for a post-truth world