|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Cryptocurrency News Articles
Polymarket Users Complain That Their Wallets Were Mysteriously Drained After They Logged In Via Their Google Accounts
Sep 29, 2024 at 10:01 pm
Some users of the Polymarket prediction market app are complaining that their wallets were mysteriously drained after they logged in via their Google accounts.
Several users of the decentralized prediction market app Polymarket have reported their wallets being mysteriously drained after logging in via their Google accounts.
After making deposits into their Polymarket accounts, the users discovered that their wallets had been emptied, leaving a balance of zero. Notably, these attacks have only affected users who accessed the platform through Google logins, while those using wallet browser extensions like MetaMask or Trustwallet have not encountered any issues.
Cointelegraph spoke to two victims of these attacks, who shared their experiences and provided insights into the events that unfolded.
The first victim, who goes by the Discord username "HHeego," encountered problems while attempting to deposit funds into his Polymarket account. After depositing $1,085.80 in USD Coin (USDC) from Binance on August 5, the transaction did not appear in his account within the Polymarket app despite waiting for several hours.
Believing there might be an issue with his account, HHeego joined the Polymarket Discord server to seek assistance. He discovered that several other users were experiencing similar problems, which appeared to be related to a user interface issue. This eased HHeego's concerns, and he decided to wait for the issue to be resolved.
Later that day, the deposit finally appeared on the user interface, but it "vanished almost as quickly as it had come," according to HHeego. He realized that his entire USDC balance of $1,188.72 had disappeared. This balance included $102.92 that had been in the account before the deposit was made, as well as the deposit itself.
Interestingly, HHeego's $2,000 worth of open trades remained untouched.
After inspecting his account history using the Polygonscan block explorer, HHeego discovered that his USDC balance had been transferred to an account labeled "Fake_Phishing399064." He then promptly submitted a ticket to Polymarket's customer support team to report the incident.
When the customer support agent heard HHeego's story, he expressed disbelief and asked, "Haven't you withdrawn that amount?" To which HHeego replied, "No I haven't." The agent then inquired, "Are you sure it wasn't you then?" and HHeego responded, "I am 100% sure."
In the image below, Cointelegraph has redacted the agent's screen name to protect his privacy.
A conversation between HHeego and a customer service agent. Source: HHeego
The agent proceeded to ask HHeego if "your PK got leaked or you got phished somehow." However, the user, who claims to be new to the crypto world, initially didn't understand what the agent meant by a "PK leak." He also stated that he has never used a browser extension wallet and has only ever used a Google login to access Polymarket.
After asking a few more questions, the agent informed HHeego that the team was investigating the anomaly and would contact him once they had more information.
Another $4K gets swiped
Convinced that the wallet drain was some kind of "glitch" that would eventually be worked out, HHeego went on to deposit an additional $4,111.31 on August 11. As before, the "fake phishing" account drained all of the funds, bringing the user's total losses to $5,197.11.
At this point, the user became convinced that his Polymarket account was hacked. He closed all of his trades, amounting to nearly $1,000 in funds, and withdrew his balance to his Binance account. The proceeds from these trades were not touched by the attacker, and the withdrawal was successful.
After retrieving his funds, HHeego contacted customer service again. This time, the customer service agent told him that his account was compromised and he should stop using it. According to the user, the agent also told him "they are close to understanding 100% what has happened."
He received one last message from customer service on August 15. In this message, the agent stated that the attack was "a complex situation" and that the team wanted to have all of the details before communicating its next steps. The agent then referred HHeego to another team member.
Reported last customer service message from Polymarket. Source: HHeego
HHeego claimed that he did not receive any further information from the Polymarket team after August 15.
Blockchain data confirms many aspects of HHeego's story. The account was drained of $1,188.72 USDC through a "proxy" function call on August 5. On August 11, an additional $4,111.31 was removed from the account. In both cases, the function was called by
Disclaimer:info@kdj.com
The information provided is not trading advice. kdj.com does not assume any responsibility for any investments made based on the information provided in this article. Cryptocurrencies are highly volatile and it is highly recommended that you invest with caution after thorough research!
If you believe that the content used on this website infringes your copyright, please contact us immediately (info@kdj.com) and we will delete it promptly.
-
- Discover the Hidden Gems of Mexico
- Sep 30, 2024 at 02:50 am
- Mexico is a country brimming with fascinating facts and hidden gems that often go unnoticed. From its rich history and diverse cultures to its breathtaking landscapes and unique traditions, there's always something new to discover about this vibrant nation.
-
- TRON (TRX) Network Outperforms Ethereum's Ecosystem, Toncoin (TON) Expected to Reclaim $7 in Q4, Lunex Network's (LNEX) Cross-Chain Exchange Poised for Massive Rally
- Sep 30, 2024 at 02:15 am
- TRON and Toncoin are seeing significant increases in their network usage, making analysts extremely bullish on these tokens. While TRON and Toncoin are still prone to market fluctuations, Lunex Network has gone viral and is quickly becoming the best crypto presale.