aggregated●·Crypto·

Polymarket Hit by $2.9M Frontend Hack — Users to Be Refunded

BTCETH

Polymarket, the prediction market platform, suffered a $2.9 million theft after attackers injected malicious code into its frontend interface, compromising user funds. The platform says it has removed the affected dependency and contained the breach. All affected users will be made whole through refunds.

Why it matters

Frontend injection attacks are among the most common and damaging vectors in crypto — they exploit the interface layer that every user touches, not just smart contract code. This breach hits Polymarket at a moment of peak momentum: the platform crossed $1 billion in annualized revenue within six weeks of its U.S. launch, with daily volume surging from $50M to over $200M. A security incident at this scale could slow user acquisition and spook the wave of first-time crypto users the platform has been onboarding through World Cup betting.

Watch next

Watch for Polymarket's official post-mortem disclosure (no set date, but typically within 1-2 weeks of breach containment). Also monitor overall prediction market volume data in late June to early July to see if user activity dips following the incident.

Full analysis · Subscribers

The deep dive (bull case, bear case, and the data point that decides which side wins), the cause-and-effect chain behind the move, plain-English explainers for every block, and the live update timeline (3 updates so far).

Want this for every market day?

Aggregated reads 51 sources in five languages and turns the day into plain-English cards like this one.

Educational analysis of public information — not investment advice.

← Today's brief