Blockchain intelligence firm AMLBot said Polymarket users on the Polygon network recently had about $3.1 million in PUSD stolen after the platform’s front end was compromised by a malicious script. According to ChainCatcher, the attacker implanted a script that prompted users to sign authorization transactions involving EIP-7702 delegated execution, which resulted in affected wallets being drained.
AMLBot said the stolen funds were routed through Relay, converted into USDC.e, bridged to Ethereum, and then swapped into ETH and consolidated to a designated address. It added that about 1,891.9 ETH is currently spread across three newly created wallets.
AMLBot compared the incident to a 2024 attack on the 1inch web application, where a compromised Lottie Player library was used to inject wallet-draining code, describing both cases as third-party script breaches that led to front-end contamination.
AMLBot Reports $3.1 Million PUSD Stolen From Polymarket Users on Polygon After Front-End Script Attack
2026-06-28 13:03:51
Disclaimer:
1. The information provided does not constitute investment advice. Investors should make independent decisions and bear all risks themselves.
2. The copyright of this content belongs to the original author. The views expressed herein are solely those of the author and do not represent the stance or position of this website.
Next article:
R.U. Sirius:赛博朋克未来更趋平庸
