Hackers Move Fast, Refunds Promised
On Thursday, Polymarket confirmed that hackers had siphoned off approximately $3.1 million in PUSD tokens from 11 user wallets, following a sophisticated attack that exploited a third-party vendor. The attackers managed to inject malicious code into Polymarket’s frontend, specifically targeting users and draining their balances. Blockchain intelligence group AMLBot was among the first to publicly report the scale of the theft, noting that the stolen assets were rapidly moved from Polygon to Ethereum via cross-chain bridges.
Polymarket responded by assuring its community that all affected users holding its native PUSD token would receive full refunds. The platform stated that the underlying vulnerability had been contained and that the compromised dependency was removed from its systems. This incident marks at least the 89th crypto security breach recorded in the second quarter of this year, with June alone seeing $74.9 million lost across 29 reported exploits.
Senators Demand Answers on Fake Trades
While Polymarket scrambled to address user losses, political pressure mounted in Washington. On Thursday, Senators Adam Schiff (D-CA) and John Curtis (R-UT) sent a letter to Commodity Futures Trading Commission Chairman Michael Selig, demanding clarity on whether the agency is investigating allegations of deceptive advertising tied to Polymarket’s marketing campaigns. The senators referenced a Wall Street Journal investigation revealing that Polymarket paid influencers to stage nearly $1.9 million in fake bets as part of a promotional strategy.
The senators want answers from the CFTC by July 10.
The Journal’s review of over 1,100 influencer videos found that about 70% featured simulated trades rather than real wagers, raising questions about transparency and consumer protection on prediction markets. Many creators reportedly failed to disclose their compensation from Polymarket, creating further regulatory headaches for the company. Despite these revelations, it remains unclear whether the CFTC’s ongoing inquiry is focused solely on advertising practices or if it encompasses broader compliance concerns.
See Also
Phishing Tactics Shift Stolen Funds Quickly
The technical details behind the recent hack show how quickly attackers can adapt phishing tactics for maximum profit. Blockchain security firm PeckShield reported that hackers launched a targeted phishing campaign against Polymarket users, initially estimating losses at around 1,893 ETH—roughly equivalent to $3 million at current prices. Specter Analyst later confirmed that at least $2.94 million was drained from 11 wallets through this method.
On paper, decentralized prediction markets like Polymarket are supposed to offer transparency and trustless settlement; in practice, vulnerabilities in third-party integrations can undermine user safety within hours. In March, an earlier breach saw more than $520,000 drained from two smart contracts on Polygon, while another $600,000 exploit last month was traced back to an internal private key issue dating back six years.
Influencer Videos Faked, Bets Questioned
The fallout from staged influencer content has added another layer of scrutiny for Polymarket’s operations. According to decrypt.co, the Wall Street Journal found evidence that nearly $2 million in fake bets appeared across hundreds of social media videos promoting the platform. This revelation prompted senators to ask whether the CFTC has both the authority and expertise needed to enforce consumer protections comparable to other financial regulators.
A spokesperson for Polymarket told reporters that the company is now conducting a comprehensive review of all active promotional content to ensure compliance with advertising standards and regulatory requirements. However, when pressed about both the senators’ letter and details of any ongoing CFTC investigation, Polymarket declined to comment further.
It’s unclear how quickly new compliance measures will be implemented or whether additional enforcement actions are imminent.
What to track going forward
The CFTC’s response to Senators Adam Schiff and John Curtis, due by July 10, will clarify whether the agency is investigating Polymarket’s alleged deceptive advertising; if the CFTC confirms an active probe into these claims, immediate regulatory scrutiny of Polymarket’s marketing practices would be established.