Polymarket customers lose $3 million in supply-chain attack
Summary
Decentralized prediction market platform Polymarket is reimbursing customers approximately $3 million lost due to a supply chain attack. Hackers compromised a third-party vendor, injecting a malicious script into Polymarket's frontend to steal user funds.
IFF Assessment
FOE
This event highlights a successful attack that resulted in significant financial losses for users, demonstrating a clear win for threat actors.
Defender Context
This incident underscores the critical importance of supply chain security. Defenders must rigorously vet third-party vendors and implement robust monitoring for any anomalies that could indicate a compromise, as attacks through trusted suppliers can bypass traditional perimeter defenses.