Multiple Polymarket users reported drained account balances this week following a security breach traced to Magic Labs, a third-party email-based authentication provider used by the prediction market platform.
Polymarket confirmed the incident on its Discord channel, stating that a “vulnerability introduced by a third-party authentication provider” affected a small number of users but has since been resolved.
Affected traders described unauthorized logins, forced position closures, and near-zero balances, with some losses occurring despite two-factor authentication being enabled.
Third-party login provider at the center of the Polymarket hack
According to user reports, the Polymarket hack disproportionately affected accounts created via Magic Labs, a popular email-based onboarding service that generates non-custodial Ethereum wallets.
Magic Labs is commonly used by first-time crypto participants who lack existing wallets, making it a critical access point — and a tempting attack surface.
Magic Labs’ frictionless onboarding has fueled Polymarket’s growth, but the incident highlights how third-party dependencies can amplify systemic risk, even for non-custodial platforms.
Victims of the Polymarket hack described chillingly similar patterns. One trader reported waking up to three login alerts before discovering that all positions had been closed and their balance reduced to $0.01.
“My device isn’t compromised, Google found nothing suspicious, all other services are fine,” the user wrote. “I realized all my deals were closed and my balance was gone.”
Another affected trader echoed the claim, stating they had two-factor authentication enabled on their email and did not interact with any suspicious links, a detail that underscores the severity of the incident as users describe it.
SlowMist warning adds fuel to Polymarket hack concerns
Security fears escalated when 23pds, Chief Information Security Officer at blockchain security firm SlowMist, amplified a community warning about malicious code embedded in a Polymarket copy-trading bot hosted on GitHub.
The warning suggested hackers were leveraging the Polymarket comment section to promote scams, a claim previously highlighted by Cryptopolitan, which reported estimated user losses exceeding $500,000.
In response to the growing backlash, Polymarket addressed the incident directly in its official Discord channel.
“We recently identified and resolved a security issue affecting a small number of users,” the team wrote.
“The issue was caused by a vulnerability introduced by a third-party authentication provider. We will be in contact with impacted users.”
The statement aimed to reassure the community but stopped short of confirming reimbursements, leaving many users demanding greater transparency.
AI support blames Polygon, sparking backlash
Adding to the controversy, one trader claimed Polymarket’s AI support initially blamed Polygon, the network currently hosting the platform.
“First line AI support told me it’s an issue with Polygon, which is obviously nonsense,” the user said. “A human later told me how to trace where my funds went.”
The claim drew criticism, particularly as Mustafa, a Polymarket team member, has already confirmed plans to migrate away from Polygon and launch an Ethereum Layer-2 network called POLY, now described as the project’s top priority.
Polymarket growth collides with security reality
Despite the Polymarket hack, the platform continues to post staggering growth metrics. Polymarket recorded 419,309 active users this month, processed 19.63 million transactions, and surpassed $1.538 billion in total trading volume — numbers that position it as a dominant force in on-chain prediction markets.
Yet the hack serves as a stark reminder that scale magnifies risk. As Polymarket pushes deeper into the U.S. market, security failures — even from third-party tools — carry reputational consequences.
The Polymarket hack underscores a hard truth: non-custodial does not mean invulnerable.
As crypto platforms race to simplify onboarding, third-party authentication layers may become the industry’s weakest link.
For users, the message is clear — convenience comes with trade-offs, and vigilance remains non-negotiable.
Davidson Okechukwu is a passionate crypto journalist/writer and Web3 enthusiast, focusing on blockchain innovation, DeFi, NFT ecosystems, and the societal impact of decentralized systems.
He holds a degree in Computer Science and various professional certifications from prestigious institutions, and his engaging style bridges the gap between technology and everyday understanding.
With over four years of experience in the crypto and DeFi space, Davidson combines his technical knowledge with a keen understanding of market dynamics.
In addition to his work in cryptocurrency, he is a dedicated realtor and web management professional.