Polymarket suffers live POL drain as team rules out feared contract exploit
·2 min read
Compiled by KHAO Editorial
— aggregated from 2 sources + 10 references discovered via search.
See llms.txt for citation guidance.
✓ KHAO Verified
Team statements point to a Polymarket private key compromise rather than core contracts or user funds.
Key facts
Bubblemaps then warned that attackers were removing 5,000 POL roughly every 30 seconds and that about $600,000 had been stolen so far, while advising users to pause Polymarket activity
Bubblemaps amplified the warning at 08:51 UTC, describing the situation as a Polymarket contract exploit, the kind of Polymarket exploit alert that would raise immediate concern about core
Seven seconds later, another PolygonScan transaction shows 4,999.994 POL moving from that labeled admin address to the labeled attacker address
ZachXBT's first available figure was more than $520,000 drained
Summary
Polymarket faced what many users interpreted as a possible hack on May 22 after public alerts described a rapid POL drain on the prediction market platform. The first wave of concern came from on-chain investigator ZachXBT and blockchain analytics firm Bubblemaps. Bubblemaps then warned that attackers were removing 5,000 POL roughly every 30 seconds and that about $600,000 had been stolen so far, while advising users to pause Polymarket activity. Polymarket's later explanation shifted the issue away from core-market failure and toward an internal operational security breach.