Earn with Nexo
Polymarket says user funds safe after admin wallet compromise triggers $700,000 theft
The attacker was reportedly draining around 5,000 POL every 30 seconds before the activity stopped.
Polymarket is probing a security incident after attackers used a compromised internal Polygon wallet to siphon roughly $700,000 worth of POL.
Blockchain sleuth ZachXBT first flagged the exploit and identified connections to a Polymarket UMA CTF adapter contract.
The stolen funds were split across at least 15 addresses and routed through centralized exchanges and other services. According to onchain analytics platform Bubblemaps, attackers extracted around 5,000 POL every 30 seconds before suspicious withdrawals ceased.
UPDATE: ~$700k exploited
• Suspected withdrawals have stopped
• Polymarket said the incident was isolated and user funds are safeThe stolen funds were split across 16 addresses and routed through CEXs and other services
Exploiter addresses:… https://t.co/gSXWv7UywX
— Bubblemaps (@bubblemaps) May 22, 2026
Polymarket’s Shantikiran Chanal said in a statement that the incident was isolated to their internal operations infrastructure and confirmed that user funds and core systems were not affected.
We are rotating keys in our backend services, we are investigating any other internal secrets that might have been affected.
Thank you guys for your patience!
— Shantikiran Chanal (@ShantikiranC) May 22, 2026