ZachXBT Flags Polymarket Smart-Contract Exploit With $520,000 in Losses

On-chain investigator ZachXBT issued a community alert flagging an apparent exploit of Polymarket’s UMA CTF Adapter.

The UMA CTF Adapter is the smart contract that lets Polymarket’s prediction markets settle using UMA’s Optimistic Oracle

According to the alert, attackers have drained more than $520,000 so far. ZachXBT highlighted that the attacker’s address was 0x8F98075db5d6C620e8D420A8c516E2F2059d9B91.

According to Bubblemaps, the exploiter has since dispersed the proceeds across 15 addresses. This pattern is typically seen in the early stages of an on-chain laundering attempt.

Follow us on X to get the latest news as it happens

The situation is developing, and the full scope of the incident, as well as any response from Polymarket, has yet to be confirmed. BeInCrypto has contacted Polymarket for comment on the reported exploit and will update this story as more information becomes available.

The Polymarket incident lands amid a broader spike in DeFi exploits this month. May has already produced five separate hacks in the past week alone, pushing the monthly tally to 19, according to DeFiLlama data. Cumulative losses across those incidents have reached roughly $38.2 million.

Subscribe to our YouTube channel to watch leaders and journalists provide expert insights