The post Polymarket Clarifies $660,000 Drain Was Not a Contract Exploit appeared first on Coinpedia Fintech News An attacker is allegedly actively draining fundsThe post Polymarket Clarifies $660,000 Drain Was Not a Contract Exploit appeared first on Coinpedia Fintech News An attacker is allegedly actively draining funds

Polymarket Clarifies $660,000 Drain Was Not a Contract Exploit

2026/05/22 18:30
Okuma süresi: 2 dk
Bu içerikle ilgili geri bildirim veya endişeleriniz için lütfen crypto.news@mexc.com üzerinden bizimle iletişime geçin.
Truebit Protocol Suffered a $26.5 million Hack as the TRU Token Crashed 100%

The post Polymarket Clarifies $660,000 Drain Was Not a Contract Exploit appeared first on Coinpedia Fintech News

An attacker is allegedly actively draining funds from Polymarket’s UMA CTF Adapter contract on Polygon in a live exploit first identified by onchain investigator ZachXBT. Losses have climbed from an initial $520,000 to more than $660,000 as the attack continues, with the attacker removing approximately 5,000 POL tokens every 30 seconds.

Bubblemaps, Lookonchain, and PeckShield have all independently confirmed the exploit is ongoing. Users have been advised to pause all Polymarket activity immediately.

However, in a latest update, Polymarket’s VP of Engineering has issued a clarification. No Polymarket contracts were exploited. No UMA contracts were exploited. All user funds on the platform remain safe.

How the Attack Is Unfolding

The attacker wallet is executing repeated small withdrawals from contracts linked to Polymarket’s UMA CTF Adapter system on Polygon at a consistent 30-second interval. Each transaction removes approximately 5,000 POL tokens. The cumulative total has already exceeded $660,000 and is rising.

To complicate recovery efforts the attacker has already split stolen funds across 15 separate wallet addresses. A portion of the stolen funds has been deposited into ChangeNOW, a swap service that can be used to convert and obscure the origin of funds.

The primary exploit address has been identified as 0x8F98075db5d6C620e8D420A8c516E2F2059d9B91. PeckShield also flagged two additional drained addresses: 0x871D…9082 and 0xf61e…4805.

Polymarket’s Response

Polymarket confirmed it is investigating the issue and stated that user funds on the platform itself remain safe. The exploit appears contained to the UMA CTF Adapter contract rather than Polymarket’s core platform infrastructure.

No further official statement had been issued at the time of writing despite the attack remaining active.

What Users Should Do

Onchain security analysts are advising all Polymarket users to pause activity on the platform until the exploit is fully contained and Polymarket issues a formal update. Anyone with funds in contracts connected to the UMA CTF Adapter on Polygon should monitor their positions closely.

The exploit remains active. Loss figures are expected to rise further before the attack is contained.

Piyasa Fırsatı
Notcoin Logosu
Notcoin Fiyatı(NOT)
$0.0003857
$0.0003857$0.0003857
-0.69%
USD
Notcoin (NOT) Canlı Fiyat Grafiği

World Cup Combo: Aim for 200x

World Cup Combo: Aim for 200xWorld Cup Combo: Aim for 200x

Combine up to 20 World Cup matches in one order

Sorumluluk Reddi: Bu sitede yeniden yayınlanan makaleler, halka açık platformlardan alınmıştır ve yalnızca bilgilendirme amaçlıdır. MEXC'nin görüşlerini yansıtmayabilir. Tüm hakları telif sahiplerine aittir. Herhangi bir içeriğin üçüncü taraf haklarını ihlal ettiğini düşünüyorsanız, kaldırılması için lütfen crypto.news@mexc.com ile iletişime geçin. MEXC, içeriğin doğruluğu, eksiksizliği veya güncelliği konusunda hiçbir garanti vermez ve sağlanan bilgilere dayalı olarak alınan herhangi bir eylemden sorumlu değildir. İçerik, finansal, yasal veya diğer profesyonel tavsiye niteliğinde değildir ve MEXC tarafından bir tavsiye veya onay olarak değerlendirilmemelidir.