The post Polymarket Clarifies $660,000 Drain Was Not a Contract Exploit appeared first on Coinpedia Fintech News An attacker is allegedly actively draining fundsThe post Polymarket Clarifies $660,000 Drain Was Not a Contract Exploit appeared first on Coinpedia Fintech News An attacker is allegedly actively draining funds

Polymarket Clarifies $660,000 Drain Was Not a Contract Exploit

2026/05/22 18:30
2 min read
For feedback or concerns regarding this content, please contact us at [email protected]
Truebit Protocol Suffered a $26.5 million Hack as the TRU Token Crashed 100%

The post Polymarket Clarifies $660,000 Drain Was Not a Contract Exploit appeared first on Coinpedia Fintech News

An attacker is allegedly actively draining funds from Polymarket’s UMA CTF Adapter contract on Polygon in a live exploit first identified by onchain investigator ZachXBT. Losses have climbed from an initial $520,000 to more than $660,000 as the attack continues, with the attacker removing approximately 5,000 POL tokens every 30 seconds.

Bubblemaps, Lookonchain, and PeckShield have all independently confirmed the exploit is ongoing. Users have been advised to pause all Polymarket activity immediately.

However, in a latest update, Polymarket’s VP of Engineering has issued a clarification. No Polymarket contracts were exploited. No UMA contracts were exploited. All user funds on the platform remain safe.

How the Attack Is Unfolding

The attacker wallet is executing repeated small withdrawals from contracts linked to Polymarket’s UMA CTF Adapter system on Polygon at a consistent 30-second interval. Each transaction removes approximately 5,000 POL tokens. The cumulative total has already exceeded $660,000 and is rising.

To complicate recovery efforts the attacker has already split stolen funds across 15 separate wallet addresses. A portion of the stolen funds has been deposited into ChangeNOW, a swap service that can be used to convert and obscure the origin of funds.

The primary exploit address has been identified as 0x8F98075db5d6C620e8D420A8c516E2F2059d9B91. PeckShield also flagged two additional drained addresses: 0x871D…9082 and 0xf61e…4805.

Polymarket’s Response

Polymarket confirmed it is investigating the issue and stated that user funds on the platform itself remain safe. The exploit appears contained to the UMA CTF Adapter contract rather than Polymarket’s core platform infrastructure.

No further official statement had been issued at the time of writing despite the attack remaining active.

What Users Should Do

Onchain security analysts are advising all Polymarket users to pause activity on the platform until the exploit is fully contained and Polymarket issues a formal update. Anyone with funds in contracts connected to the UMA CTF Adapter on Polygon should monitor their positions closely.

The exploit remains active. Loss figures are expected to rise further before the attack is contained.

Market Opportunity
Notcoin Logo
Notcoin Price(NOT)
$0.0003897
$0.0003897$0.0003897
+0.33%
USD
Notcoin (NOT) Live Price Chart

World Cup Combo: Aim for 200x

World Cup Combo: Aim for 200xWorld Cup Combo: Aim for 200x

Combine up to 20 World Cup matches in one order

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact [email protected] for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.