Polymarket-Linked Adapter Exploit Drains Over $520K on Polygon

A contract connected to Polymarket’s UMA Conditional Tokens Framework (CTF) Adapter on the Polygon network has reportedly suffered a suspected exploit, with blockchain investigators estimating losses of at least $520,000.

Blockchain investigator ZachXBT flagged the incident, claiming funds were drained from wallets linked to the adapter contract. Early onchain activity suggests an attacker address received hundreds of smaller transactions from the affected contract, raising concerns about a coordinated drain.

UMA CTF Adapter Role in Prediction Markets

The affected adapter contract plays an important role in Polymarket’s ecosystem. It helps resolve prediction market outcomes through UMA’s Optimistic Oracle system, allowing decentralized settlement of event-based contracts.

Polymarket, currently one of the world’s largest prediction market platforms, handles roughly $3.7 billion in monthly trading volume, making any potential security issue significant for the broader ecosystem.

Blockchain analytics platforms tracking the incident reported that the suspected attacker continued withdrawing around 5,000 Polygon (POL) tokens every 30 seconds. Initial estimates placed losses near $520,000, but later onchain data suggested the total may have crossed $600,000, with some estimates reaching nearly $660,000.

User Funds and Market Impact Still Unclear

At the time of reporting, it remained unclear whether Polymarket user funds, withdrawals, or active prediction markets had been directly affected. No official confirmation regarding the full scope of the incident had been released.

The incident highlights growing security concerns around oracle-linked smart contracts as decentralized prediction markets continue expanding.