The attacker used a “proxy” function to swipe victims’ USDC balances, but only a small number of Google login users have been affected.
Some users of the Polymarket prediction market app are complaining that their wallets were mysteriously drained after they logged in via their Google accounts.
After making deposits, users found that their wallets were wiped out, leaving a balance of zero. The attacks have not occurred against users that relied on wallet browser extensions such as MetaMask or Trustwallet.
Cointelegraph spoke to two victims of the attacks. The first victim identified himself by the Discord username, “HHeego,” and claimed to be the owner of a Polymarket account whose address ends in C3d4.