Few Polymarket users report attacks on accounts logged in via Google
On September 29, Cointelegraph reported that some users of the prediction marketplace Polymarket recently reported a wallet attack. The attackers used a “proxy” function to steal the USDC balances of the victims, mainly affecting users logged in with Google accounts. One user, HHeego, was attacked on August 5 and 11, losing a total of about $5,197.11 USD. Another user, Cryptomaniac, lost $745 on August 9th.
Polymarket's customer service acknowledged that it had found at least five cases of similar attacks, in which the attackers were suspected of using “email one-time passwords” to log into the victims' accounts. However, the victims said they never used their email addresses to access the platform. Users using browser wallet extensions such as MetaMask or Trustwallet were not affected.Polymarket uses Magic Labs' SDK to enable password-less, seedless phrase logins, which would theoretically require the attacker to access the user's Google account in order to authenticate. However, victims reported no sign of Google accounts being compromised. Polymarket and Magic Labs have not yet responded to the incident.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Fed Minutes Lean Hawkish as Powell’s Speech Set to Reveal Rate Cut Outlook
Fed Mouthpiece: July Meeting Shows Overall Hawkish Sentiment, More Officials Open to September Rate Cut
Analysis: A Few Officials Hint They May Join the Rate-Cut Camp in September
Fed Meeting Minutes Show Broad Support for Decision to Hold Rates Steady
Trending news
MoreCrypto prices
More
