Polymarket Ausgenutzt — Angreifer stiehlt 660.000 USD und es werden mehr

Coinfomania · 2026-05-22T10:13:03.000Z

Polymarket, die weltweit größte dezentrale Vorhersagemarkt-Plattform, sieht sich einem vermuteten Smart-Contract-Exploit gegenüber, nachdem Angreifer Berichten zufolge mehr als 660.000 USD aus einem auf Polygon basierenden Adaptervertrag am 22. Mai 2026 abgezogen haben. Warnung: Der Vertrag von #Polymarket scheint ausgenutzt zu werden, und der Angreifer stiehlt Gelder. Bis jetzt wurden bereits mehr als 660.000 USD gestohlen. Quelle: @zachxbthttps://t.co/WXvRwtWEFs pic.twitter.com/sIa0FWEEzo — Lookonchain (@lookonchain) 22. Mai 2026 Der Vorfall wurde zuerst von dem On-Chain-Ermittler ZachXBT gemeldet. Er warnte, dass der UMA CTF Adaptervertrag von Polymarket möglicherweise kompromittiert wurde. Laut mehreren Blockchain-Trackern zog der Angreifer kontinuierlich kleine Mengen an POL- und MATIC-Token alle paar Sekunden ab. Dies geschah durch einen vermuteten Exploit, der mit der veralteten Oracle-Infrastruktur verbunden ist. Der laufende Abfluss hat sich schnell zu einer der größten Polymarket-News-Geschichten des Monats entwickelt.

Polymarket, the world’s largest decentralized prediction market platform. It is facing a suspected smart contract exploit after attackers reportedly drained more than $660,000 from a Polygon-based adapter contract on May 22, 2026. 
Warning: #Polymarket's contract appears to be exploited, and the attacker is stealing funds. So far, more than $660K has already been stolen. Source: @zachxbthttps://t.co/WXvRwtWEFs pic.twitter.com/sIa0FWEEzo
— Lookonchain (@lookonchain) May 22, 2026
The incident was first flagged by on-chain investigator ZachXBT. He warned that Polymarket’s UMA CTF Adapter contract may have been compromised. According to multiple blockchain trackers, the attacker continuously withdrew small batches of POL and MATIC tokens every few seconds. Through a suspected exploit tied to legacy oracle infrastructure. The ongoing drain has quickly turned into one of the biggest Polymarket News stories of the month.
ZachXBT Flags Suspicious Polymarket Activity
The initial Polymarket ZachXBT alert identified two affected contracts:
0x871D7c0f9E19001fC01E04e6cdFa7fA20f929082
0x91430CaD2d3975766499717fA0D66A78D814E5c5
The suspected attacker wallet was identified as:
0x8F98075db5d6C620e8D420A8c516E2F2059d9B91
Blockchain monitoring data later showed repeated withdrawals of roughly 5,000 MATIC every 20-30 seconds. Some transactions exceeded 9,900 MATIC before funds were routed through additional wallets. Lookonchain later confirmed the exploit had surpassed $660,000 in losses. While warning users to avoid new deposits or trading activity until more information becomes available.
UMA Adapter Contract Appears Targeted
Early reports suggest the exploit involves Polymarket’s UMA CTF Adapter on Polygon. The adapter acts as a bridge between UMA’s oracle infrastructure and Polymarket’s Conditional Tokens Framework. That system helps resolve prediction market outcomes across the platform. Security researchers believe the attacker may have exploited an old private key or legacy permission setup tied to the adapter contract. Rather than breaching Polymarket’s core trading infrastructure directly. The repeated small transfers suggest an automated draining strategy rather than a single large exploit transaction. Community members also warned that funds may already be moving toward laundering routes or intermediary wallets.
Why This Matters for Investors
For users and traders, the exploit raises fresh concerns about smart contract security across decentralized prediction markets. Polymarket processes large betting volumes tied to elections, geopolitics, and financial markets. Therefore, any exploit can damage user confidence quickly. 
Some traders now fear:
Temporary liquidity withdrawals
Reduced trading activity
Increased platform caution
Broader trust issues around DeFi prediction markets
If the exploit continues growing, competitors could temporarily benefit as users shift activity elsewhere. The incident also highlights how even mature DeFi platforms remain exposed to infrastructure vulnerabilities.
Developers Face Another Security Wake-Up Call
For developers, the exploit reinforces the importance of key rotation, continuous audits, and strict contract permission management. Legacy adapter contracts and oracle integrations often become overlooked attack surfaces over time. This case may push more DeFi teams toward:
Multi-signature controls
Formal verification tools
Real-time monitoring systems
Faster emergency pause mechanisms
The attack could also accelerate discussions around oracle security standards across Polygon and broader DeFi ecosystems.
Polymarket Response and Outlook
At the time of writing, Polymarket had not released a full public technical breakdown of the exploit. However, community alerts continue advising users to remain cautious until contract activity stabilizes. As Polymarket news continues developing. The investigators will likely focus on whether funds can be frozen or partially recovered through coordinated blockchain tracing efforts. For now, the incident serves as another reminder that security remains one of crypto’s biggest long-term challenges. Especially as decentralized finance platforms continue scaling globally.
The post Polymarket Exploited — Attacker Steals $660K and Counting  appeared first on Coinfomania.