Skip to main content
Esc

Type to search

Articles / stablecoin-infra / AMLBot Puts Polymarket Phishing Toll at $3.1M Across 11 Wallets, Funds Traced to Ethereum

AMLBot Puts Polymarket Phishing Toll at $3.1M Across 11 Wallets, Funds Traced to Ethereum

Total Loss
$3.1M
The confirmed amount stolen during the Polymarket supply-chain attack.
Affected Wallets
11
The number of wallets impacted by the Polymarket attack.
Total Value Locked
$432M
The total value locked on the Polymarket platform on Polygon.

§ 01 Executive Snapshot

  • What: A supply-chain attack on Polymarket resulted in approximately $3.1 million being stolen across 11 wallets.
  • Who: Blockchain intelligence firm AMLBot, on-chain investigator Specter, and Polymarket.
  • Why it matters: This incident highlights vulnerabilities in DeFi platforms and the ongoing threat of supply-chain attacks in the crypto space.

§ 02 Key Developments

  • AMLBot identified the total loss from the Polymarket attack at approximately $3.1 million in PUSD, which was confirmed through on-chain analysis.
  • The stolen funds were traced from Polygon to Ethereum and converted into roughly 1,893 ETH after the breach.
  • Polymarket confirmed that fewer than 15 accounts were affected during the attack, aligning with estimates from independent security researchers.

§ 03 Strategic Context

  • This incident is part of a broader trend in 2026 where supply-chain and front-end compromises have increasingly targeted DeFi infrastructures, indicating systemic vulnerabilities.
  • The attack emphasizes the importance of security in third-party vendor relationships, as the breach stemmed from a compromised vendor rather than a direct exploit of Polymarket's smart contracts.

§ 04 Strategic Implications

  • The immediate consequence includes reputational damage to Polymarket and potential loss of user trust, which could affect future platform engagement and growth.
  • Long-term implications may involve increased scrutiny and regulatory focus on security practices within DeFi platforms, as well as a push for stronger security measures across the sector.

§ 05 Risks & Constraints

  • A significant risk remains regarding the unidentified third-party vendor, which could pose further threats if not properly addressed.
  • Continued competition and scrutiny from other DeFi platforms could pressure Polymarket to enhance security measures quickly and transparently.

§ 06 Watchlist / Forward Signals

  • Polymarket has committed to refunding affected users but has not provided a public timeline for this process, which will be a key signal of their operational integrity.
  • Monitoring the identification and response to the compromised vendor will be crucial to understanding the long-term impacts of this incident on Polymarket's security posture.
§ 07

Frequently Asked Questions

What happened in the Polymarket incident?

A supply-chain attack on Polymarket resulted in approximately $3.1 million being stolen across 11 wallets.

Who identified the total loss from the Polymarket attack?

The total loss was identified by blockchain intelligence firm AMLBot and on-chain investigator Specter.

How were the stolen funds managed after the breach?

The stolen funds were traced from Polygon to Ethereum and converted into roughly 1,893 ETH after the breach.

Why is this incident significant for DeFi platforms?

This incident highlights vulnerabilities in DeFi platforms and the ongoing threat of supply-chain attacks in the crypto space.

§ 08

Related Articles