Loading prices…
🩸BEARISH

Polymarket exploit drains $500K via UMA oracle adapter

The attacker is still actively laundering the stolen funds, turning an oracle-bridge bug into a live, ongoing bleed rather than a one-time event.

Hackers exploited a vulnerability in Polymarket's UMA CTF Adapter — the bridge between the prediction market and the UMA oracle — draining roughly 5,000 POL every 30 seconds on May 22. Over $500,000 has been stolen and the attacker is actively laundering the proceeds, according to on-chain researcher ProMint.

Why it matters

The adapter is the layer that resolves prediction-market outcomes to real-world events via UMA's optimistic oracle. Compromising it doesn't just drain funds — it strikes at the trust assumption Polymarket users rely on when pricing any contract. Until the bridge is patched, every open market on the platform sits on a compromised settlement layer.

Market impact

The active laundering is the more dangerous signal: rather than a one-time extraction, the drain is ongoing. Watchers should expect (1) an emergency pause on the adapter, (2) on-chain tracing of the laundered POL across bridges and mixers, and (3) a post-mortem from the Polymarket team on whether CTF positions opened during the exploit window will be honored.

Related tokens
$POL

Frequently asked questions

  1. What was exploited in the Polymarket hack?

    The UMA CTF Adapter — the bridge between Polymarket and the UMA optimistic oracle used to resolve prediction-market outcomes. Compromising it gave the attacker a live drain path, not a one-time extraction.

  2. How much has been stolen so far?

    Over $500,000 in POL, with the drain rate running at roughly 5,000 POL every 30 seconds according to on-chain researcher ProMint, who first flagged the incident on May 22.

  3. What is the attacker doing with the stolen funds?

    ProMint reported the hacker is actively laundering the proceeds, which is what makes this exploit more dangerous than a typical one-time extraction — the bleed is ongoing rather than contained.

  4. How does the UMA oracle connect to Polymarket markets?

    The adapter routes contract outcomes through UMA's optimistic oracle, which is the trust layer Polymarket users rely on when pricing any prediction. A compromised adapter means every open market sits on a compromised settlement path.

  5. What happens next for Polymarket users?

    Expect an emergency pause on the adapter, on-chain tracing of the laundered POL across bridges and mixers, and a Polymarket post-mortem on whether CTF positions opened during the exploit window will be honored.

Source attribution
Aggregated from Crypto News · Verified · Last refreshed 45d ago
Open original →