Уязвимость стороннего провайдера снова подставила пользователей Polymarket под удар хакеров Translated Headline: A Third-Party Provider Vulnerability Puts Polymarket Users at Risk of Hackers Again

The prediction platform Polymarket has confirmed that several users were affected by a hack related to a vulnerability in a third-party provider.

This week, social media began to report instances where users complained about unauthorized login attempts on their accounts and the depletion of their balances.

«I woke up today to see that there had been three login attempts on my profile at Polymarket. My device is not compromised, Google found nothing suspicious, and all my other services are functioning normally. I accessed the platform and noticed that all my trades had been closed, and my balance stood at $0.01,» wrote one of the platform’s users on Reddit.

Another affected user reported receiving a series of login notifications, after which they discovered missing funds. They emphasized that they had not clicked on any suspicious links and had been using two-factor authentication.

Based on comments, the issue appears to have impacted Polymarket clients utilizing the Magic Labs service, which allows users to log in using email and creates non-custodial Ethereum wallets. This method is particularly popular among novice crypto investors.

«We recently identified and resolved a security issue affecting a small number of users. The problem stemmed from a vulnerability introduced by a third-party authentication provider,» stated Polymarket.

The platform did not disclose the exact number of affected users, the total damage incurred, or the identity of the provider responsible for the issue.

This isn’t the first similar incident at Polymarket. In September 2024, several users who logged in via Google fell victim to the complete draining of their wallets.

Hackers manipulated proxy features to automatically transfer USDC to their addresses. An investigation by the platform revealed that the vulnerability was also tied to third-party authentication providers.

In November 2025, criminals launched a large-scale phishing campaign in the Polymarket comments section. The fraudsters spread phishing links disguised as official resources, tricking victims into providing their credentials. The damage from this scheme exceeded $500,000.

It is worth noting that Polymarket has resumed operations in the U.S. after resolving its conflict with local regulators.