Polymarket Suffers Wallet Exploit, Drains $700K
Polymarket Hit By ‘Internal Top-Up’ Wallet Exploit, $700K Drained
Polymarket suffered a security incident involving what was described as an “internal top-up” wallet, resulting in roughly $700,000 being drained.
The incident appears to have centered on a wallet used for operational purposes rather than a typical user-controlled account. In many crypto platforms, “top-up” wallets are used to fund internal processes such as liquidity management, relayer activity, or other system-level operations. Because these wallets can be connected to automated workflows, they can become high-impact targets if access controls fail.
While the available details do not specify the exact attack path, the key takeaway is that an internal operational wallet was exploited and funds were removed. The disclosure of the amount drained provides a clear sense of the scale of the loss.
The episode matters beyond the immediate dollar figure because it highlights a recurring security theme in crypto: platform infrastructure can be exposed even when user-facing components appear to function normally. Internal wallets, hot wallets, and service accounts often have broad permissions or frequent transaction activity, making them attractive targets for attackers.
For prediction markets like Polymarket, trust in the platform’s operational integrity is central. Even when user funds are not directly affected, incidents involving internal wallets can raise questions about treasury management, key custody practices, and the safeguards around automated transaction systems.
