Buy Crypto
Pay with
USD
USD
Buy & Sell
HOT
Buy and sell crypto via Apple Pay, cards, Google Pay, bank transfers, and more
P2P
0 Fees
Zero fees, 400+ payment options, and seamless cryptocurrency buying & selling
Gate Card
Offer easy crypto transactions globally
Markets
Trade
Basic
Advance
Futures
Futures
Hundreds of contracts settled in USDT or BTC
Options
HOT
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Futures Kickoff
Get prepared for your futures trading
Futures Events
Participate in events to win generous rewards
Demo Trading
Use virtual funds to experience risk-free trading
Earn
Launch
CandyDrop
tag
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
Launchpad
Be early to the next big token project
Alpha Points
NEW
Trade on-chain assets and enjoy airdrop rewards!
Futures Points
NEW
Earn futures points and claim airdrop rewards
Investment
Community
Square
Gate Fun
Share your post and stay informed about crypto and beyond
Live
moments live
Live crypto market analysis
Chat
Chat with crypto traders
News
What is happening in crypto
More
Promotions
Beginner's Guide
giveaways
Rewards Hub
Square
Latest
Hot
News
Profile

Polymarket account theft controversy: Magic Labs vulnerability exposed, official information vague

DAOplomacyvip
robot
Abstract generation in progress

【Blockchain Rhythm】In recent days, Polymarket users have experienced a collective account theft incident, causing a stir on X and Reddit. Victims have posted detailed accounts of their losses on social media, sparking widespread discussion.

The root cause has been uncovered— the issue stems from Magic Labs, a third-party identity verification provider. Magic Labs’ service allows users to log in directly with their email to create Ethereum wallets, which sounds very convenient and has indeed attracted many Web3 newcomers. However, this vulnerability was exploited.

On December 24, Polymarket officially acknowledged the incident on Discord, stating that they discovered and fixed a security issue affecting some users, originating from a vulnerability in the third-party identity verification provider.

However, what’s interesting is that Polymarket’s official response is somewhat vague. They did not specify exactly how many users were affected or how much funds were stolen, nor did they name the third-party service provider involved. They simply said, “The issue has been resolved, with no potential risks,” trying to brush it off. Such an attitude indeed raises concerns. For users, this lack of information can increase anxiety—only detailed figures and transparent explanations can truly instill confidence.

ETH0.54%
View Original
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
  • Reward
  • 9
  • Repost
  • Share
Comment
0/400
MEVictimvip
· 2025-12-27 07:19
Magic Labs has messed up again, Web3 newcomers have been badly scammed.
View OriginalReply0
LiquidationWatchervip
· 2025-12-26 18:57
magic labs is causing trouble again, this time it's really outrageous --- Polymarket's official response is really perfunctory, no wonder everyone is upset --- Logging in with email to access the wallet sounds a bit unreliable, it's normal for newbies to fall into traps --- Only speaking up on the 24th? Were they pretending not to see it before? --- Third-party verification services still need to be cautious; this time the lesson is painfully clear --- Another announcement claiming "fixed" but with vague details, feels suspicious
View OriginalReply0
SchrodingersPapervip
· 2025-12-25 14:16
Another "Third-Party Scapegoat," why do so many Web3 projects love to play this trick, I really want to laugh --- Magic Labs has failed again, now I trust those so-called partners even less, might as well manage the funds myself --- Is this all the official has? Recognized only on the 24th? Luckily it was uncovered, or else they would have kept it under wraps --- Oh my, I knew email login was unreliable, newbies keep jumping into the pit, how many more people will have to be compensated this time --- Polymarket is getting anxious, from this attitude I can tell how big the trap is, what can be done to fix it
View OriginalReply0
FloorPriceWatchervip
· 2025-12-24 11:56
Magic Labs is up to its old tricks again; this kind of third-party authentication is truly a ticking time bomb. --- The official response from Polymarket is way too perfunctory; do they just want to move on like this? --- Logging in with email was supposed to be convenient, but it turned out to be a major vulnerability—so ironic. --- Those who got hacked, you can't just accept it like that. --- Why did it take until December to discover such a basic security issue? Why didn't they fix it earlier? --- Newbie retail investors are really being cut like this; I hate these third-party service providers. --- Is the official "fix" enough? What about compensation? --- It's Magic Labs again; this company should just change its name to Magic Tricks. --- How many more pitfalls does the entire Web3 space have to step into? It's so despairing. --- I heard some people suffered significant losses. Are they just going to accept it like that?
View OriginalReply0
GigaBrainAnonvip
· 2025-12-24 08:49
Magic Labs is up to its tricks again, this time really causing people to get badly scammed... Convenience and security are truly a trade-off.
View OriginalReply0
Fren_Not_Foodvip
· 2025-12-24 08:46
Did Magic Labs mess up again? These guys are really outrageous. Luckily, I didn't put too much money into Polymarket.
View OriginalReply0
MetaMaskVictimvip
· 2025-12-24 08:41
Basically, it was a third-party scam. Services like Magic Labs really shouldn't be trusted so much.
View OriginalReply0
StealthMoonvip
· 2025-12-24 08:39
Speaking of which, Magic Labs really knows how to stir things up. Convenience and security are truly a trade-off. Stop asking me why I still use Polymarket. I just like gambling. Their official attitude... Are you trying to make everyone patch the vulnerabilities themselves? Once again, a third party takes the blame, Polymarket is recovering very quickly. Magic Labs: "It's not our fault" Polymarket: "It's not our fault" Users: "???" Getting exploited for a profit once a month is really the norm in Web3 life. Fortunately, I transferred out the money I was willing to gamble with in advance. Looks like I escaped this time.
View OriginalReply0
StableCoinKarenvip
· 2025-12-24 08:34
Magic Labs is causing trouble again, which is why I never use third-party wallets to log in.
View OriginalReply0
View More
Sitemap
Trade Crypto Anywhere Anytime
qrCode
Scan to download Gate App
Community
English
  • 简体中文
  • English
  • Tiếng Việt
  • 繁體中文
  • Español
  • Русский
  • Français (Afrique)
  • Português (Portugal)
  • Bahasa Indonesia
  • 日本語
  • بالعربية
  • Українська
  • Português (Brasil)
    • About UsCareersNewsroomSponsor of Oracle Red Bull RacingFC Inter Official Sleeve PartnerUser AgreementRisk WarningPrivacy PolicyCookie PolicyMedia KitProof of ReservesLicenseSecurityGateToken (GT)GUSDGate ChainGate EventsLaw EnforcementSummitsGate Ventures
    P2PConvert & Block TradingSpot TradingFutures TradingStocksAlphaMarginLeveraged TokensNFTGate PayGate LifeGift CardGate OTCGate CharityGate ShopWeb3Gate Perp DEXGate Vault
    VIP BenefitsInstitutionalUser FeedbackAnnouncementFeesHelp CenterSubmit a RequestListingSmart Contract SecurityDevelopersVerification SearchP2P Merchant ApplicationAffiliate ProgramCrypto CalendarCross-Chain Solution
    Gate LearnCrypto CoursesCrypto GlossaryCryptocurrency PricesBig DataBitcoin HalvingEthereum (ETH) UpgradeCrypto WikiCrypto Calculator