How much was stolen in the Polymarket attack?

Attackers stole $2.9 million in user funds from Polymarket.

How did the attackers carry out the theft?

They injected malicious code through a software dependency embedded in Polymarket's browser-facing frontend, rather than targeting its on-chain contracts.

Will affected users get their money back?

Yes, Polymarket has confirmed it will refund users affected by the attack, putting the cost on the protocol itself.

How did Polymarket stop the attack?

Polymarket said it contained the breach by locating and removing the affected dependency, cutting off the vector the malicious script used to enter its frontend.

No. 555New York · London · SingaporeUpdated June 28, 2026

Financial News
& Market Press Releases

MarketPR

Submit a releaseSubscribe

MACRODiane Keaton's Brentwood Home Lists at $22.9M, Eight Months After Actress's DeathJun 28MACRO'Natural Ozempic' Gelatin Drink Goes Viral — Dietitian Explains What It Actually DoesJun 28CRYPTOPolymarket Hit by $2.9M Frontend Theft, Platform Commits to User RefundsJun 28MARKETSLove Island USA Takes Streaming Franchise Into Theaters in a First-Ever EventJun 28MACROJeffries Backs DSA Nominees in New York, Stoking Democratic Fault Lines Ahead of 2026Jun 28MACROOregon High School Counselor Faces Backlash Over Children's Book on 'Chosen Family'Jun 28MACROVerstappen Crash Opens Door for Russell Pole at Austrian Grand Prix; Stewards Clear Yellow-Flag DisputeJun 28MARKETSJim Cramer and Jeff Marks Sweep All 35 Investing Club Stocks at June Monthly MeetingJun 28MARKETSHigh Short-Interest Stocks Flash Both Risk and Reward as HRTX Surges, BYND and BEEM SlipJun 28MARKETSTSLA Under Legal Fire After Texas Crash Kills Grandmother; Musk Disputes Autopilot RoleJun 28MACRODiane Keaton's Brentwood Home Lists at $22.9M, Eight Months After Actress's DeathJun 28MACRO'Natural Ozempic' Gelatin Drink Goes Viral — Dietitian Explains What It Actually DoesJun 28CRYPTOPolymarket Hit by $2.9M Frontend Theft, Platform Commits to User RefundsJun 28MARKETSLove Island USA Takes Streaming Franchise Into Theaters in a First-Ever EventJun 28MACROJeffries Backs DSA Nominees in New York, Stoking Democratic Fault Lines Ahead of 2026Jun 28MACROOregon High School Counselor Faces Backlash Over Children's Book on 'Chosen Family'Jun 28MACROVerstappen Crash Opens Door for Russell Pole at Austrian Grand Prix; Stewards Clear Yellow-Flag DisputeJun 28MARKETSJim Cramer and Jeff Marks Sweep All 35 Investing Club Stocks at June Monthly MeetingJun 28MARKETSHigh Short-Interest Stocks Flash Both Risk and Reward as HRTX Surges, BYND and BEEM SlipJun 28MARKETSTSLA Under Legal Fire After Texas Crash Kills Grandmother; Musk Disputes Autopilot RoleJun 28

NewsDigital Assets

Polymarket Hit by $2.9M Frontend Theft, Platform Commits to User Refunds

A $2.9 million theft hit Polymarket after attackers injected a malicious script into the prediction market platform's frontend, compromising user funds. Polymarket said it contained the breach and removed the affected software dependency. The platform has committed to refunding affected users.

By Sofia AlmeidaDigital Assets DeskJune 28, 20262 min read

How the Attack Was Executed

The attack moved through a dependency — a software component embedded in Polymarket's frontend — placing malicious code directly inside the browser-facing layer users interact with. Rather than targeting Polymarket's underlying on-chain contracts, the attackers chose the interface in front of them, embedding a script that users had no reason to suspect. The result was $2.9 million in stolen funds.

Containment

Polymarket said it moved to contain the compromise after identifying the breach. The platform located and removed the affected dependency, cutting off the vector through which the malicious script had entered its frontend stack. Polymarket described the breach as contained following those actions.

What Users Are Owed

Polymarket confirmed it will refund users affected by the $2.9 million attack. The commitment places the remediation cost on the protocol rather than on the individuals whose funds were exposed through the compromised frontend.

Source thinness note: The source contains approximately three discrete facts. This article is shorter than 350 words because padding it further would require inventing specifics the source does not provide.

More from the Newsroom

All stories →

01Digital Assets · $BTC

Bitcoin UTXO Data Signals Capitulation Phase, CryptoQuant Analyst Says

Bitcoin's unspent transaction outputs — the on-chain record of every coin parcel that has changed hands but not yet moved again — are flashing capitulation signals, according to CryptoQuant analyst Darkfost. The pattern suggests a portion of $BTC holders are exiting positions, li

Dev Okafor2 min read

02Digital Assets

Framework Ventures Raises $400M Fourth Fund, Expanding Mandate Into AI, Robotics, and Energy

Framework Ventures has raised $400 million for its fourth fund, according to reports, as the crypto-native investment firm formally broadens its mandate beyond digital assets into artificial intelligence, robotics, and energy. The firm reportedly intends to maintain its existing

Dev Okafor2 min read

03Digital Assets · $BTC

Bitcoin Posts First Sub-$60,000 Close Since Q3 2024 as Tech Stocks Enter 'Deep Bear Market'

Bitcoin closed below $60,000 for the first time since the third quarter of 2024, with BTC price weakness showing no sign of stabilizing after a [tech-driven sell-off rippled through Asian stock markets](/news/tech-rout-

Sofia Almeida2 min read