TechFlow news — On September 29, according to Cointelegraph, some users of the prediction market platform Polymarket recently reported mysterious wallet attacks. Attackers exploited the "proxy" functionality to steal victims' USDC balances, primarily affecting users who logged in via Google accounts. One user, HHeego, was attacked on August 5 and August 11, losing a total of approximately $5,197.11. Another user, Cryptomaniac, lost $745 on August 9.
Polymarket's customer support acknowledged awareness of at least five similar attack cases, with attackers suspected of using "email one-time passwords" to gain access to victims' accounts. However, victims stated they never accessed the platform using their email addresses. Users who logged in via browser wallet extensions such as MetaMask or Trust Wallet were unaffected.
Polymarket uses Magic Labs' SDK to enable passwordless and seed-phrase-free logins. In theory, attackers would need access to a user’s Google account to authenticate. Yet victims reported no signs of compromise on their Google accounts. As of now, neither Polymarket nor Magic Labs has responded to the incident.




