The attackers utilized a sophisticated phishing campaign involving malicious EIP-7702 delegated execution, which tricked users into approving harmful wallet transactions while the interface appeared functional. According to PeckShield, the stolen funds were moved from the Polygon network to Ethereum, eventually converted into approximately 1,893 ETH and consolidated into a single address. This breach highlights the increasing vulnerability of platforms to third-party dependencies, as the core protocol remained untouched while the website’s browser-loaded scripts facilitated the theft.
Polymarket has confirmed the containment of the malicious dependency and is currently in the process of contacting impacted individuals. This event represents the 89th reported crypto security breach of the second quarter, marking a record high for industry incidents. The timing of the hack complicates an already difficult period for the platform, which is currently facing inquiries from U.S. Senators Adam Schiff and John Curtis regarding its advertising practices and the adequacy of regulatory oversight for prediction markets.
Comments (0)
No comments yet. Be the first!