{"id":60220,"date":"2025-12-24T17:23:58","date_gmt":"2025-12-24T14:23:58","guid":{"rendered":"https:\/\/coinengineer.net\/blog\/?p=60220"},"modified":"2025-12-24T17:23:58","modified_gmt":"2025-12-24T14:23:58","slug":"security-warning-for-users-from-polymarket","status":"publish","type":"post","link":"https:\/\/coinengineer.net\/blog\/security-warning-for-users-from-polymarket\/","title":{"rendered":"Security Warning for Users from Polymarket!"},"content":{"rendered":"<p>As interest in decentralized applications continues to grow in the cryptocurrency market, security risks are once again coming into focus. Decentralized prediction market platform <strong>Polymarket<\/strong> has confirmed that some user accounts were affected due to a vulnerability in a third-party identity authentication provider. While users reported that funds in their accounts had decreased or been completely drained, Polymarket stated that the issue has been resolved.<\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_71 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 eztoc-toggle-hide-by-default' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/coinengineer.net\/blog\/security-warning-for-users-from-polymarket\/#User_Complaints_Trend_on_Social_Media\" title=\"User Complaints Trend on Social Media\">User Complaints Trend on Social Media<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/coinengineer.net\/blog\/security-warning-for-users-from-polymarket\/#Official_Statement_from_Polymarket\" title=\"Official Statement from Polymarket\">Official Statement from Polymarket<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/coinengineer.net\/blog\/security-warning-for-users-from-polymarket\/#Similar_Incidents_Occurred_in_the_Past\" title=\"Similar Incidents Occurred in the Past\">Similar Incidents Occurred in the Past<\/a><\/li><\/ul><\/nav><\/div>\n<h2 data-start=\"504\" data-end=\"545\"><span class=\"ez-toc-section\" id=\"User_Complaints_Trend_on_Social_Media\"><\/span>User Complaints Trend on Social Media<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p data-start=\"547\" data-end=\"946\">Since the beginning of the week, posts from Polymarket users on platforms such as X and Reddit have drawn attention. Many users reported unauthorized login attempts on their accounts and said their balances had been emptied. The fact that even technically knowledgeable users were affected has heightened concerns that the security flaw may be systemic rather than the result of individual mistakes.<\/p>\n<p data-start=\"948\" data-end=\"1305\">One Reddit user stated that they noticed repeated login attempts on their account and, upon accessing the platform, found that all their positions had been closed and their balance nearly wiped out. Similarly, other users reported fund losses despite not clicking on any suspicious links and having two-factor authentication enabled on their email accounts.<\/p>\n<p data-start=\"948\" data-end=\"1305\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-60221 aligncenter\" src=\"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2025\/12\/poly-1-300x47.jpg\" alt=\"\" width=\"900\" height=\"141\" srcset=\"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2025\/12\/poly-1-300x47.jpg 300w, https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2025\/12\/poly-1-1024x161.jpg 1024w, https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2025\/12\/poly-1-768x121.jpg 768w, https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2025\/12\/poly-1.jpg 1280w\" sizes=\"auto, (max-width: 900px) 100vw, 900px\" \/><\/p>\n<p data-start=\"1392\" data-end=\"1882\">According to user feedback, the security breach is alleged to have primarily affected users who registered on Polymarket via Magic Labs infrastructure. Magic Labs is known as a third-party provider that enables email-based login and creates non-custodial Ethereum wallets. Due to its ease of use, this system is widely preferred by investors new to crypto. These claims have reignited discussions about the risks that third-party authentication services can pose to decentralized platforms.<\/p>\n<h2 data-start=\"1884\" data-end=\"1922\"><span class=\"ez-toc-section\" id=\"Official_Statement_from_Polymarket\"><\/span>Official Statement from Polymarket<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p data-start=\"1924\" data-end=\"2054\">Polymarket acknowledged the security incident in a statement shared on its official Discord channel on Tuesday. The platform said:<\/p>\n<blockquote>\n<p data-start=\"2058\" data-end=\"2249\">\u201cWe recently identified and resolved a security issue that affected a small number of users. The issue stemmed from a vulnerability related to a third-party identity authentication provider.\u201d<\/p>\n<\/blockquote>\n<p data-start=\"2251\" data-end=\"2508\">The company did not disclose the number of affected users or the total value of the stolen funds, nor did it name the third-party provider responsible. However, it emphasized that the vulnerability has been fixed and that there is currently no ongoing risk.<\/p>\n<h2 data-start=\"2510\" data-end=\"2552\"><span class=\"ez-toc-section\" id=\"Similar_Incidents_Occurred_in_the_Past\"><\/span>Similar Incidents Occurred in the Past<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p data-start=\"2554\" data-end=\"2891\">This incident has once again brought Polymarket\u2019s previous security issues back into the spotlight. In September 2024, some users who logged in via Google accounts reported that their wallets had been drained. At the time, it was explained that attackers redirected USDC assets to phishing addresses by exploiting \u201cproxy\u201d function calls.<\/p>\n<p data-start=\"2893\" data-end=\"3107\">Additionally, last month, a phishing campaign targeting the platform\u2019s comment sections reportedly caused users to lose more than $500,000. In those attacks, user login credentials were obtained through fake links.<\/p>\n<p data-start=\"2846\" data-end=\"3128\"><em class=\"darkmysite_style_txt_border darkmysite_processed\" data-darkmysite_alpha_bg=\"rgba(0, 0, 0, 0)\">You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don\u2019t forget to follow us on our\u00a0<a class=\"darkmysite_style_txt_border darkmysite_style_link darkmysite_processed\" href=\"https:\/\/t.me\/coinengineernews\" target=\"_blank\" rel=\"noreferrer noopener nofollow\" data-darkmysite_alpha_bg=\"rgba(0, 0, 0, 0)\">Telegram,\u00a0<\/a><a class=\"darkmysite_style_txt_border darkmysite_style_link darkmysite_processed\" href=\"https:\/\/www.youtube.com\/@CoinEngineer\" target=\"_blank\" rel=\"noreferrer noopener nofollow\" data-darkmysite_alpha_bg=\"rgba(0, 0, 0, 0)\">YouTube<\/a>,\u00a0and\u00a0<a class=\"darkmysite_style_txt_border darkmysite_style_link darkmysite_processed\" href=\"https:\/\/twitter.com\/coinengineers\" target=\"_blank\" rel=\"nofollow noopener\" data-darkmysite_alpha_bg=\"rgba(0, 0, 0, 0)\">Twitter<\/a>\u00a0channels for the latest\u00a0<a class=\"darkmysite_style_txt_border darkmysite_style_link darkmysite_processed\" title=\"News\" href=\"https:\/\/coinengineer.net\/blog\/news\/\" data-internallinksmanager029f6b8e52c=\"7\" data-darkmysite_alpha_bg=\"rgba(0, 0, 0, 0)\">news<\/a>\u00a0and updates<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>As interest in decentralized applications continues to grow in the cryptocurrency market, security risks are once again coming into focus. Decentralized prediction market platform Polymarket has confirmed that some user accounts were affected due to a vulnerability in a third-party identity authentication provider. While users reported that funds in their accounts had decreased or been<\/p>\n","protected":false},"author":37,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9,2],"tags":[393,840,847,336,58,3014],"class_list":["post-60220","post","type-post","status-publish","format-standard","hentry","category-crypto-news","category-news","tag-crypto","tag-crypto-market","tag-crypto-news","tag-cryptocurrencies","tag-cryptocurrency","tag-polymarket"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.6 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Security Warning for Users from Polymarket!<\/title>\n<meta name=\"description\" content=\"As interest in decentralized applications continues to grow in the cryptocurrency market, security risks are once again coming into focus.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/coinengineer.net\/blog\/security-warning-for-users-from-polymarket\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Security Warning for Users from Polymarket!\" \/>\n<meta property=\"og:description\" content=\"As interest in decentralized applications continues to grow in the cryptocurrency market, security risks are once again coming into focus.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/coinengineer.net\/blog\/security-warning-for-users-from-polymarket\/\" \/>\n<meta property=\"og:site_name\" content=\"Coin Engineer\" \/>\n<meta property=\"article:published_time\" content=\"2025-12-24T14:23:58+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2024\/10\/polymarket-ce.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"1080\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Haciyev Re\u015fit\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Haciyev Re\u015fit\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/coinengineer.net\/blog\/security-warning-for-users-from-polymarket\/\",\"url\":\"https:\/\/coinengineer.net\/blog\/security-warning-for-users-from-polymarket\/\",\"name\":\"Security Warning for Users from Polymarket!\",\"isPartOf\":{\"@id\":\"https:\/\/coinengineer.net\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/coinengineer.net\/blog\/security-warning-for-users-from-polymarket\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/coinengineer.net\/blog\/security-warning-for-users-from-polymarket\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2025\/12\/poly-1-300x47.jpg\",\"datePublished\":\"2025-12-24T14:23:58+00:00\",\"dateModified\":\"2025-12-24T14:23:58+00:00\",\"author\":{\"@id\":\"https:\/\/coinengineer.net\/blog\/#\/schema\/person\/0a41a1cb75098be284f7e4059f16414d\"},\"description\":\"As interest in decentralized applications continues to grow in the cryptocurrency market, security risks are once again coming into focus.\",\"breadcrumb\":{\"@id\":\"https:\/\/coinengineer.net\/blog\/security-warning-for-users-from-polymarket\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/coinengineer.net\/blog\/security-warning-for-users-from-polymarket\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/coinengineer.net\/blog\/security-warning-for-users-from-polymarket\/#primaryimage\",\"url\":\"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2025\/12\/poly-1.jpg\",\"contentUrl\":\"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2025\/12\/poly-1.jpg\",\"width\":1280,\"height\":201},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/coinengineer.net\/blog\/security-warning-for-users-from-polymarket\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/coinengineer.net\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security Warning for Users from Polymarket!\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/coinengineer.net\/blog\/#website\",\"url\":\"https:\/\/coinengineer.net\/blog\/\",\"name\":\"Coin Engineer\",\"description\":\"Btc, Coins, Pre-Sale, DeFi, NFT\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/coinengineer.net\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/coinengineer.net\/blog\/#\/schema\/person\/0a41a1cb75098be284f7e4059f16414d\",\"name\":\"Haciyev Re\u015fit\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/coinengineer.net\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/81e6744485703e8cb037d007140fc0422afba118e8449ed7c8f37ecb2e6b4463?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/81e6744485703e8cb037d007140fc0422afba118e8449ed7c8f37ecb2e6b4463?s=96&d=mm&r=g\",\"caption\":\"Haciyev Re\u015fit\"},\"url\":\"https:\/\/coinengineer.net\/blog\/author\/cmhaciyev\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Security Warning for Users from Polymarket!","description":"As interest in decentralized applications continues to grow in the cryptocurrency market, security risks are once again coming into focus.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/coinengineer.net\/blog\/security-warning-for-users-from-polymarket\/","og_locale":"en_US","og_type":"article","og_title":"Security Warning for Users from Polymarket!","og_description":"As interest in decentralized applications continues to grow in the cryptocurrency market, security risks are once again coming into focus.","og_url":"https:\/\/coinengineer.net\/blog\/security-warning-for-users-from-polymarket\/","og_site_name":"Coin Engineer","article_published_time":"2025-12-24T14:23:58+00:00","og_image":[{"width":1920,"height":1080,"url":"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2024\/10\/polymarket-ce.jpg","type":"image\/jpeg"}],"author":"Haciyev Re\u015fit","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Haciyev Re\u015fit","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/coinengineer.net\/blog\/security-warning-for-users-from-polymarket\/","url":"https:\/\/coinengineer.net\/blog\/security-warning-for-users-from-polymarket\/","name":"Security Warning for Users from Polymarket!","isPartOf":{"@id":"https:\/\/coinengineer.net\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/coinengineer.net\/blog\/security-warning-for-users-from-polymarket\/#primaryimage"},"image":{"@id":"https:\/\/coinengineer.net\/blog\/security-warning-for-users-from-polymarket\/#primaryimage"},"thumbnailUrl":"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2025\/12\/poly-1-300x47.jpg","datePublished":"2025-12-24T14:23:58+00:00","dateModified":"2025-12-24T14:23:58+00:00","author":{"@id":"https:\/\/coinengineer.net\/blog\/#\/schema\/person\/0a41a1cb75098be284f7e4059f16414d"},"description":"As interest in decentralized applications continues to grow in the cryptocurrency market, security risks are once again coming into focus.","breadcrumb":{"@id":"https:\/\/coinengineer.net\/blog\/security-warning-for-users-from-polymarket\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/coinengineer.net\/blog\/security-warning-for-users-from-polymarket\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/coinengineer.net\/blog\/security-warning-for-users-from-polymarket\/#primaryimage","url":"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2025\/12\/poly-1.jpg","contentUrl":"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2025\/12\/poly-1.jpg","width":1280,"height":201},{"@type":"BreadcrumbList","@id":"https:\/\/coinengineer.net\/blog\/security-warning-for-users-from-polymarket\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/coinengineer.net\/blog\/"},{"@type":"ListItem","position":2,"name":"Security Warning for Users from Polymarket!"}]},{"@type":"WebSite","@id":"https:\/\/coinengineer.net\/blog\/#website","url":"https:\/\/coinengineer.net\/blog\/","name":"Coin Engineer","description":"Btc, Coins, Pre-Sale, DeFi, NFT","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/coinengineer.net\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/coinengineer.net\/blog\/#\/schema\/person\/0a41a1cb75098be284f7e4059f16414d","name":"Haciyev Re\u015fit","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/coinengineer.net\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/81e6744485703e8cb037d007140fc0422afba118e8449ed7c8f37ecb2e6b4463?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/81e6744485703e8cb037d007140fc0422afba118e8449ed7c8f37ecb2e6b4463?s=96&d=mm&r=g","caption":"Haciyev Re\u015fit"},"url":"https:\/\/coinengineer.net\/blog\/author\/cmhaciyev\/"}]}},"_links":{"self":[{"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/posts\/60220","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/users\/37"}],"replies":[{"embeddable":true,"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/comments?post=60220"}],"version-history":[{"count":1,"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/posts\/60220\/revisions"}],"predecessor-version":[{"id":60222,"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/posts\/60220\/revisions\/60222"}],"wp:attachment":[{"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/media?parent=60220"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/categories?post=60220"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/tags?post=60220"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}