{"id":72926,"date":"2026-05-22T15:59:12","date_gmt":"2026-05-22T15:59:12","guid":{"rendered":"https:\/\/crowdfundjunction.com\/blog\/polymarket-suffers-700k-breach-after-internal-admin-wallet-is-compromised\/"},"modified":"2026-05-22T15:59:12","modified_gmt":"2026-05-22T15:59:12","slug":"polymarket-suffers-700k-breach-after-internal-admin-wallet-is-compromised","status":"publish","type":"post","link":"https:\/\/crowdfundjunction.com\/blog\/polymarket-suffers-700k-breach-after-internal-admin-wallet-is-compromised\/","title":{"rendered":"Polymarket Suffers $700K Breach After Internal Admin Wallet is Compromised"},"content":{"rendered":"<p><b>(Originally posted on : Bitcoin News )<\/b><br \/>\n<\/p>\n<div>\n<div class=\"@container mb-[25px] rounded-sm overflow-clip py-0.5 pr-0.5 pl-2.5 bg-success-100\">\n<div class=\"flex flex-col gap-m overflow-clip rounded-[6px] !bg-success-10 p-3 @[420px]:p-m\">\n<h2 class=\"m-0 flex items-center gap-s text-[19px] !text-[#1c1c1c] md:text-[20px]\"><svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"16\" height=\"10\" viewbox=\"0 0 16 10\" fill=\"none\" class=\"shrink-0 text-success-100\" aria-hidden=\"true\"><path d=\"M1 1.5h14\" stroke=\"currentColor\" stroke-width=\"2.5\" stroke-linecap=\"round\"\/><path d=\"M1 8.5h10\" stroke=\"currentColor\" stroke-width=\"2.5\" stroke-linecap=\"round\"\/><\/svg><span>Key Takeaways<\/span><\/h2>\n<ul class=\"m-0 flex list-none flex-col gap-m pl-0\">\n<li class=\"m-0 flex items-start gap-s !text-[#434248]\"><span class=\"mt-2 size-2 shrink-0 rounded-full bg-success-100\" aria-hidden=\"true\"\/><span class=\"text-body\">Hackers drained $700K in POL from Polymarket after compromising a 6-year-old internal private key.<\/span><\/li>\n<li class=\"m-0 flex items-start gap-s !text-[#434248]\"><span class=\"mt-2 size-2 shrink-0 rounded-full bg-success-100\" aria-hidden=\"true\"\/><span class=\"text-body\">ZachXBT alerted users, but Polymarket confirmed all user funds remain fully safe.<\/span><\/li>\n<li class=\"m-0 flex items-start gap-s !text-[#434248]\"><span class=\"mt-2 size-2 shrink-0 rounded-full bg-success-100\" aria-hidden=\"true\"\/><span class=\"text-body\">To prevent further incidents, Polymarket will next move all private keys to KMS.<\/span><\/li>\n<\/ul>\n<\/div>\n<\/div>\n<h2>Polymarket Faces Security Event: No User Funds Affected<\/h2>\n<p>Polymarket, one of the largest <span>prediction markets<\/span> in the world, experienced a security incident that alerted the platform\u2019s community.<\/p>\n<p>On Friday, <span>blockchain<\/span> intelligence researcher ZachXBT <a href=\"https:\/\/t.me\/investigations\/327\" target=\"_blank\" rel=\"noopener noreferrer\">pointed<\/a> to a possible compromise of the platform\u2019s admin address on Polygon, noting that a significant amount of funds had already been drained.<\/p>\n<p><\/p>\n<p>According to Bubblemaps, the attackers had been withdrawing 5,000 POL every 30 seconds, splitting the funds across 16 addresses, including <span>centralized exchanges<\/span> and other services. At the time of writing, reports <a href=\"https:\/\/x.com\/bubblemaps\/status\/2057759874730078450?s=20\" target=\"_blank\" rel=\"noopener noreferrer\">indicated<\/a> that the losses reached $700K.<\/p>\n<p>The platform later acknowledged the security event, with Polymarket\u2019s Shantikiran Chanal <a href=\"https:\/\/x.com\/ShantikiranC\/status\/2057754616230514957?s=20\" target=\"_blank\" rel=\"noopener noreferrer\">stating<\/a> that they were <strong>\u201caware of the security reports linked to rewards payout,\u201d<\/strong> but claiming that user funds and market resolution functions were safe.<\/p>\n<p><strong>\u201cFindings point to a <span>private key<\/span> compromise of a wallet used for internal operations, not contracts or core infrastructure,\u201d<\/strong> he specified. Furthermore, he explained that Polymarket was rotating its <a href=\"http:\/\/www.bitcoin.com\/get-started\/what-is-a-private-key\/\" class=\"lar_link lar_link_outgoing\" target=\"_blank\" rel=\"noopener noreferrer\">private keys<\/a> for backend services and conducting an investigation for any internal secrets that could have been affected in the incident.<\/p>\n<p>In April, Polymarket reached trading volumes of over 9 billion. An exploit in the platform\u2019s contracts, depending on its nature, could put these funds in jeopardy.<\/p>\n<p>Nonetheless, Josh Stevens, VP of Engineering at Polymarket, offered a short post-mortem report, shedding more light on the situation.<\/p>\n<p><strong>\u201cWe had a 6-year-old <span>private key<\/span> that was compromised. This was in the internal top-up config, which is why funds were being sent to it. We have rotated this key, revoked all prod permissions and are moving all PKs to KMS keys from now on,\u201d<\/strong> he declared, coinciding with earlier reports that pointed to a <a href=\"http:\/\/www.bitcoin.com\/get-started\/what-is-a-private-key\/\" class=\"lar_link lar_link_outgoing\" target=\"_blank\" rel=\"noopener noreferrer\">private key<\/a> being compromised.<\/p>\n<p><strong>\u201cNo polymarket or UMA contracts have been exploited. All user funds are safe, and using Polymarket.com is safe, so business as usual,\u201d <\/strong>he <a href=\"https:\/\/x.com\/devjoshstevens\/status\/2057768173915484505?s=20\" target=\"_blank\" rel=\"noopener noreferrer\">concluded<\/a>.<\/p>\n<\/p><\/div>\n<p><a href=\"https:\/\/news.bitcoin.com\/polymarket-suffers-700k-breach-after-internal-admin-wallet-is-compromised\/\">Source link <\/a><br \/>\n<br \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>(Originally posted on : Bitcoin News ) Key Takeaways Hackers drained $700K in POL from Polymarket after compromising a 6-year-old internal private key. ZachXBT alerted users, but Polymarket confirmed all user funds remain fully safe. To prevent further incidents, Polymarket will next move all private keys to KMS. Polymarket Faces Security Event: No User Funds [&hellip;]<\/p>\n","protected":false},"author":15,"featured_media":72927,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0},"categories":[32],"tags":[],"_links":{"self":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/posts\/72926"}],"collection":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/comments?post=72926"}],"version-history":[{"count":0,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/posts\/72926\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/media\/72927"}],"wp:attachment":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/media?parent=72926"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/categories?post=72926"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/tags?post=72926"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}