Polymarket confirms security vulnerability incident: user accounts compromised, third-party authentication provider identified as the culprit
Source: PortaldoBitcoin
Original Title: Users of Polymarket suffer attack and company blames partner failure
Original Link:
Prediction market platform Polymarket has confirmed a recent security incident that affected some users. The incident stemmed from a security flaw in a third-party identity verification provider.
Earlier this week, users began reporting unauthorized account access and fund losses on social media. One user stated they received three failed login alerts, but their device and email-linked accounts showed no signs of intrusion. However, after logging into Polymarket, they found all positions had been closed, and their account balance was nearly zero.
Other users reported similar experiences: their accounts were emptied shortly after they received login notifications, even though they said they had not clicked suspicious links and had enabled basic security measures such as email two-factor authentication.
According to social media information, affected users mainly created their Polymarket accounts through Magic Labs. Magic Labs is a service that allows users to log in via email and automatically generates a non-custodial Ethereum wallet. This registration method is common among cryptocurrency newcomers and may have expanded the scope of the issue.
On Tuesday, Polymarket officially acknowledged the incident on their Discord channel, stating that they identified and fixed the vulnerability affecting some users. The company said the vulnerability originated from a third-party authentication provider and has now been patched, with no additional risks.
Polymarket did not disclose the number of affected accounts, total losses, or the names of involved third-party services but stated they would contact affected users directly.
“We recently identified and resolved a security issue affecting a small number of users. The problem was caused by a vulnerability introduced by a third-party authentication provider,” Polymarket wrote on Discord.
This incident has once again raised concerns about the platform’s security. The platform has faced similar issues in the past. In September 2024, users accessing the service via Google accounts reported that their wallets had been emptied, with attackers exploiting proxy-type function calls to transfer USDC to phishing addresses.
At that time, Polymarket also indicated the possible existence of a vulnerability related to the third-party authentication provider. Recently, a phishing campaign in the website’s comment section resulted in losses exceeding $500,000, with scammers tricking users into logging into a fraudulent page disguised as a legitimate website.