Polymarket affected by security vulnerability, risk of Magic Labs user accounts being compromised increases

2025-12-24 08:12:18

【Blockchain Rhythm】Prediction market platform Polymarket ran into trouble this week. On December 24th, the platform officially confirmed that recent security threats to multiple user accounts were caused by a vulnerability in a third-party identity verification provider.

As early as this week, users on X and Reddit began to report that their Polymarket accounts had been hacked. These victims shared details of their losses on social media, which drew considerable attention. Further investigation revealed that the issue mainly affected users who registered through Magic Labs. Magic Labs is a service that allows users to log in directly with an email and automatically generate a non-custodial Ethereum wallet. For newcomers without experience in crypto asset wallets, this service is considered a very convenient entry point.

On Tuesday, Polymarket acknowledged the incident in its official Discord channel. The official statement said: “We recently discovered and fixed a security vulnerability affecting some users. This vulnerability originated from the third-party identity verification provider.” However, there is a problem—Polymarket has been very secretive about this. How many users were affected? What was the scale of the stolen funds? Which third-party service provider was responsible? All these details were not disclosed. The platform only briefly mentioned that the issue has been resolved and there are no further risks. This attitude towards information disclosure indeed makes users somewhat uneasy.

ETH0,7%

View Original

This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.

20 Likes

Reward
20
8
Repost
Share

Comment

0/400

WinterWarmthCat

· 2025-12-27 07:09

Once again, third-party vulnerabilities are to blame... Magic Labs really screwed over beginners this time. --- Polymarket is really dragging their feet; what era are we in that they still have issues? --- No wonder so many people were complaining about account hacks this week; the root cause is here. --- Beginners just log in with email and automatically generate a wallet? I really didn't see this logic coming. It's indeed convenient but also risky. --- It seems that Web3 security is a lesson that can never be learned... --- When third-party verification providers are attacked, do victims just have to accept their bad luck? Who will take the blame? --- Magic Labs users are in trouble; quickly check if your account has been compromised. --- Another platform has issues. When will this industry truly become secure? --- Those who don't manage their wallets themselves need to learn a lesson this time.

View OriginalReply0

SerumDegen

· 2025-12-27 01:19

nah magic labs got absolutely liquidated this week... third party vuln cascading into user wallets, classic market structure failure. watching these noobs get rekt on email login wallets hits different tbh

Reply0

Lonely_Validator

· 2025-12-27 00:15

Another major platform has crashed. Magic Labs really tricked quite a few newcomers this time.

View OriginalReply0

FloorSweeper

· 2025-12-24 08:42

It's another third-party trap. Beginners should probably avoid Magic Labs. Self-custody wallets seem convenient but are actually the deepest pitfalls.

View OriginalReply0

LiquidatedAgain

· 2025-12-24 08:39

Once again, been screwed over by a third party, which is why I never all-in on these new projects. Magic Labs users are completely knocked out; this is the real liquidation price. Newbie's blessing turned into a trap; non-custodial wallets can't even protect you. Feels like Polymarket's risk control points are set really poorly. It's always after the fact that they come up with solutions, and we retail investors are the ones who suffer huge losses.

View OriginalReply0

MemecoinTrader

· 2025-12-24 08:33

watching the memetic velocity on this unfold... classic social arbitrage setup. Magic Labs becoming the new exit vector? *chef's kiss* sentiment's already pricing in the drama before the patches drop. early adopters always eat the fee.

Reply0

SatoshiHeir

· 2025-12-24 08:31

It should be pointed out that Magic Labs' convenient login solution precisely discredits the myth that "usability and security can be both achieved." Laughs, yet another fiat-centric platform wants to use email keys to open the Ethereum door. Isn't this a fall from the very essence of technology? Based on on-chain data, it shows that the single point of failure of third-party verification providers has become a stubborn problem in the industry. Why aren't all platforms this unreliable? Because some people have really done their homework. Although a bit sentimental, this kind of vulnerability is like a thorn piercing into the dreams of beginners. Convenience is a poison. According to the spirit of the white paper, self-custody shouldn't be so fragile. Polymarket has truly deviated from its original intention this time.

View OriginalReply0

MetaMisfit

· 2025-12-24 08:17

It's the third-party taking the blame again; this trick is completely worn out.

View OriginalReply0