📅 December 24 | Crypto Ecosystem
For many users, the morning started like any other… until it wasn't. Notifications of login attempts, empty balances, and unauthorized closed trades triggered alarms on Polymarket, one of the most widely used decentralized prediction platforms in the crypto ecosystem. What was unsettling wasn't just the loss of funds, but the context: secure devices, emails protected with two-factor authentication, and no prior suspicious activity.
📖During the week, several users reported being victims of a Polymarket account hack, discovering that their positions had been closed and their balances almost completely drained. The reports shared a key element: the access attempts occurred without compromising emails or personal devices, and in some cases even with additional security measures enabled.
According to testimonials shared on X and Reddit, those affected received multiple notifications of login attempts before their funds disappeared. In at least two documented cases, users stated they had not clicked on any suspicious links or interacted with any external sites.
Attention quickly focused on a common factor: the affected users had created their accounts using Magic Labs, an authentication provider that allows login with email and generates non-custodial Ethereum wallets. This system is widely used by new crypto users precisely because it eliminates the friction of managing private keys from the outset.
On Tuesday, Polymarket officially confirmed the incident via its Discord channel. The platform acknowledged that a small number of users were affected by a security issue originating from a third-party authentication provider.
Although it stated that the vulnerability had been fixed and that there are no active risks, the company did not disclose how many users were impacted, the total amount of funds stolen, or publicly identify the provider involved.
Topic Opinion:
In the race to attract massive user bases, many platforms have prioritized ease of access over the resilience of their security model. The result is a hybrid ecosystem, where the risk lies not in the smart contract itself, but in the bridges that connect the user to it.
💬 Who assumes responsibility when the failure is not on-chain?
Leave your comment...
#Polymarket #CryptoHack #defi #BTC #CryptoNews $BTC
