Third-Party Vendor Compromise Fuels $2.94M Crypto Theft on Polymarket Platform
What Happened — Attackers compromised a third‑party vendor that supplied a frontend dependency for Polymarket, injected malicious script, and drained roughly $2.94 million in PUSD from at least 11 user wallets. Polymarket has contained the code, removed the affected dependency, and pledged full reimbursement to affected users.
Why It Matters for Compliance & Audit Readiness —
- Demonstrates the need for SOC 2 vendor‑management controls and continuous monitoring of third‑party components.
- Highlights the importance of maintaining auditable evidence of due‑diligence and supply‑chain risk assessments.
- Shows how a single supply‑chain gap can trigger a material loss that must be documented for incident‑response and audit reporting.
Who Is Affected — Crypto‑focused SaaS platforms, DeFi marketplaces, and any fintech service that relies on external UI libraries or CDN providers.
Recommended Actions — Review and tighten third‑party risk management policies, map vendor‑assessment controls to SOC 2 CC6.1, implement continuous monitoring of dependencies, and retain forensic evidence of the breach for audit purposes. Source: SecurityAffairs
Technical Notes — Attack vector: malicious script injected via a compromised third‑party frontend dependency (supply‑chain attack). No CVE disclosed. Stolen assets: PUSD swapped for ETH and bridged to Ethereum. Source: same article