The Polymarket PUSD phishing attack reportedly drained nearly $3 million from user wallets after a compromised vendor added malicious code to Polymarket’s frontend.
PeckShieldAlert has reported the incident in a post on X, highlighted that the attacker transferred the stolen PUSD from Polygon to Ethereum before converting the amount to approximately 1,893 ETH.
According to on-chain data, a wallet starting with 0xe65b1C is holding 1,892.92 ETH. At reporting time, the balance is approximately $2.96 million.
Also Read: Thailand Illegal Crypto Mining Probe Targets Chinese Businessman Wang Yicheng
Polymarket PUSD Phishing Attack Triggers Large ETH Transfers
The Polymarket PUSD phishing attack triggered several large ETH transfers within a short period. The transfers included 138.7 ETH, 832.8 ETH, 114 ETH, 210 ETH, 272 ETH, and 325.4 ETH.
The transaction pattern matched the reported timeline of the phishing campaign. It also illustrated the speed at which stolen digital assets can shift once the user has authorized fake wallet pop-ups.
Polymarket said the incident came from a compromised third-party vendor. The company reported that the vendor had placed a malicious script in the front-end displayed to certain users.
The incident directly affects users who interacted with the compromised frontend and approved malicious wallet prompts.
Polymarket Attack Exposes Vendor Risks
The Polymarket PUSD phishing attack does not seem to be a direct breach of Polymarket’s main systems. But it did reveal the dangers associated with third-party software on crypto platforms.
The incident could make crypto users more wary of connecting to wallets and approving front ends. It may also raise more concern about vendor code used in Web3 applications.
The attacker transferred funds between chains and eventually consolidated the funds in ETH. This approach can make tracking more difficult and helps attackers to sell stolen assets more quickly.
Pressure has also increased on prediction market platforms with the Polymarket PUSD phishing attack. These platforms rely on user trust, quick settlement, and secure wallet operations.
DeFi Security Losses Deepen Market Fear
Security incidents can have a negative impact on the general confidence in the crypto market. Users may avoid DeFi tools, stablecoin products, and prediction markets if they fear wallet-draining attacks.
The case also points to the potential dangers of holding PUSD and other stablecoins in active wallets. Stablecoins tend to be the targets of interest due to their liquidity and ease of transfer.
The Polymarket PUSD phishing attack happens at a tough time for DeFi security. According to the cited security data, more than $840 million was stolen in more than 50 incidents during the first five months of 2026.
Those losses showed a 70% increase from the previous year. Major incidents during the same period included exploits involving KelpDAO and Drift Protocol.
Affected users may see direct losses minimized by Polymarket’s refund pledge. However, the incident highlights the need for crypto companies to scrutinize vendors, dependencies, and wallet approval processes. The next focus may be refund processing, vendor review, and stronger frontend security checks.
Also Read: CoinEx Crypto Exchange Faces Strong $3.84B Sanctions Storm
