Bitcoin Dips on Renewed US Strikes on Iran: Is the Peace Deal Off?
Bitcoin dips below $76,500 as US resumes strikes on Iran.
CryptoPotato1 min read
Polymarket Hit By ‘Internal Top-Up’ Wallet Exploit, $700K Drained
TL;DR
Polymarket suffered a wallet exploit resulting in a loss of approximately $700,000 due to a private key compromise of an internal top-up wallet. User funds and market outcomes remain secure, according to the developers.
Key points
- Polymarket lost approximately $700,000 due to a wallet exploit.
- The exploit was linked to a private key compromise of an internal wallet.
- User funds and market outcomes are reported to be safe.
- The stolen funds were routed through centralized exchanges.
- The incident raises concerns about operational security in crypto.
Mentioned in this story
PolymarketZachXBTBubblemapsBlockSecCyversAndy Yajin ZhouHakan UnalDan Dadybayo
In brief
- On-chain investigator ZachXBT flagged a suspected drain from a wallet linked to Polymarket’s Polygon infrastructure Friday.
- Polymarket devs said an “internal top-up” wallet was drained, while user funds and market outcomes remain safe.
- On-chain analytics platform Bubblemaps later estimated the loss at about $700,000 across 16 addresses. On-chain investigator ZachXBT flagged a suspected drain tied to Polymarket on Friday, saying over $520,000 had been taken from addresses linked to the prediction market’s Polygon infrastructure. Polymarket developers later acknowledged the incident and said it involved an internal rewards wallet and did not affect user funds or market outcomes. “Findings point to a private key compromise of a wallet used for internal top-up operations, not contracts or core infrastructure,” the Polymarket Developers account tweeted.
We’re aware of the security reports linked to rewards payout. User funds and market resolution are safe.
Findings point to a private key compromise of a wallet used for internal top-up operations, not contracts or core infrastructure.
More updates to follow.
— Polymarket Developers (@PolymarketDevs) May 22, 2026 Over an hour after the initial disclosure, on-chain analytics platform Bubblemaps estimated the loss at about $700,000, saying the funds were split across 16 addresses and routed through centralized exchanges and other services. Prediction markets on Polymarket use contracts that record bets and pay winners after an outside service confirms the result. The wallet involved in Friday’s incident appears to have been used for rewards payments, separate from the contracts that handle user funds and market outcomes. UPDATE: ~$700k exploited
• Suspected withdrawals have stopped • Polymarket said the incident was isolated and user funds are safe
The stolen funds were split across 16 addresses and routed through CEXs and other services
Exploiter addresses:…
Q&A
What caused the $700,000 loss at Polymarket?
The loss was caused by a private key compromise of an internal top-up wallet, as confirmed by Polymarket developers.
How many addresses were involved in the Polymarket exploit?
The stolen funds were split across 16 addresses during the exploit.
Are user funds safe after the Polymarket wallet exploit?
Yes, Polymarket developers stated that user funds and market outcomes are safe and unaffected by the incident.
What are the implications of the Polymarket exploit for crypto security?
The incident highlights operational security risks, particularly regarding key management and access control for wallets used in routine operations.
