Polymarket Front-End Attack Steals $3.1M in PUSD via Malicious Script

2026-06-28 20:56

Woofun AI reports that a front-end malicious script attack on the Polygon network resulted in the theft of approximately $3.1 million in PUSD from Polymarket users. Attackers implanted code that tricked victims into signing authorization transactions involving EIP-7702 delegated execution, leading to wallet drainage.

The stolen assets were converted to USDC.e via Relay, bridged to Ethereum, and swapped for ETH. Currently, roughly 1891.9 ETH is distributed across three new wallets. This incident mirrors the 2024 1inch web application breach, where a compromised Lottie Player library facilitated similar front-end contamination.

Disclaimer: Views are the author's own and do not represent the platform. Do not reproduce without permission. Content is for reference only, not investment advice. Trade at your own risk.

Trending News

XRP Futures Flush $9.7M While Spot Reserves Hold Steady Amid 71.7% Network Surge

Binance Posts $400M Weekly Outflows as MiCA Deadline Looms

Mantle Plunges 21.6% as Bitcoin Drops 8.6% Amid 44% Selling Surge

Aave Targets $4.6 Trillion Securities Lending Market With Tokenized Stocks

Hyperliquid Valuation Targets $319 by 2028 with 4x Growth Potential

Anthropic Valuation Hits $965 Billion While Agent Era Risks Fragmenting Model Monopoly

Grayscale Analyst Urges Strategy to Sell $3B Bitcoin Amid 28.75% Preferred Stock Discount

800 Billion SHIB Hit Exchanges as Burns Surge 56% Amid Selling Pressure

Single Sequencer Bug Triggers 136 Minutes of Base Network Downtime

6.27 Million SOL Moves From Binance in Largest 2026 Transfer