Crypto Fraud Watch: Polymarket’s $3M Hack, a Fugitive DeFi Hacker, and How Big Tech Is Fighting Back
The past week delivered a sharp reminder that no corner of crypto is immune to fraud. A fresh supply-chain attack drained $3 million from Polymarket users on June 25, a Canadian hacker linked to a $65 million DeFi heist remains a fugitive, and the DOJ’s unprecedented “Disruption Week” brought Apple, Google, and Coinbase together in the largest coordinated action by tech companies and law enforcement against crypto scams on record. Here’s what every investor, operator, and legal professional needs to know.
On June 25, prediction-market platform Polymarket disclosed that hackers stole approximately $3 million from at least 11 user wallets through a supply chain attack on a third-party vendor. The attackers compromised an outside provider, injecting malicious JavaScript into Polymarket’s frontend during a critical window. That tampered script tricked users into approving fraudulent transactions that instantly drained their connected wallets. The attackers then bridged the stolen funds from Polygon to Ethereum, converting them into roughly 1,893 ETH before disappearing.
Polymarket has committed to refunding affected users in full — but the incident exposes a growing blind spot in crypto security: even protocols with clean smart contracts can be devastated by the vendors and third-party scripts they rely on. Notably, this is Polymarket’s second major security incident in as many months, following a separate $700,000 private-key exploit in May. As prediction markets face intensifying regulatory scrutiny, repeated breaches could accelerate calls for mandatory security standards across the sector.
Federal prosecutors in the Eastern District of New York unsealed a five-count indictment against Andean Medjedovic, a 22-year-old Canadian national, charging him with stealing approximately $65 million from two DeFi protocols — KyberSwap and Indexed Finance — through sophisticated smart-contract manipulation carried out between 2021 and 2023. Medjedovic allegedly borrowed hundreds of millions in digital tokens to execute deceptive trades that caused the protocols’ automated smart contracts to miscalculate key variables, allowing him to drain investor funds at artificial prices and rendering victims’ holdings essentially worthless.
Charges include wire fraud, hacking, attempted extortion, and money laundering — each carrying up to 20 years in prison. Despite the indictment, Medjedovic remains a fugitive; he reportedly told associates he “may be on the run forever.” The case is one of the most technically sophisticated DeFi fraud prosecutions to date and signals that U.S. prosecutors are increasingly capable of unwinding complex on-chain manipulation schemes — even years after the fact and across international borders.
In a landmark operation this month, the DOJ’s Scam Center Strike Force joined forces with Apple, Coinbase, Google, Meta, Microsoft, SpaceX/Starlink, and TRM Labs in an unprecedented “Disruption Week” targeting Southeast Asian cryptocurrency fraud networks. The joint action disrupted more than 1.4 million social media accounts, email accounts, and internet access points used by transnational syndicates to run pig-butchering scams against Americans. Private sector partners voluntarily froze over $3.8 million in cryptocurrency tied to money laundering, with Coinbase alone freezing over $3 million in criminal-network assets.
The scale of the problem driving this response is staggering. Crypto investment scam losses hit $7.2 billion in 2025 — a 24% increase from 2024 — with many schemes run from industrial compounds in Cambodia, Laos, and Myanmar where trafficked workers are forced to run fraud operations under threat of violence. The Disruption Week operation also led to seven arrests in Thailand and the opening of new Royal Thai Police cases. It represents a meaningful escalation: treating crypto fraud not as a niche financial crime but as a transnational human-rights emergency demanding whole-of-government and whole-of-industry action.
On June 26, federal authorities moved to forfeit approximately $222,000 in cryptocurrency traced to a pig-butchering scheme that wiped out the life savings of a Florence, Alabama resident. The case followed the now-familiar playbook: a stranger initiated contact via social media, built trust over weeks, then guided the victim to a fake investment platform that appeared to show growing returns — until withdrawal became impossible and the platform vanished along with every dollar the victim had invested.
This case is one of many. The DOJ forfeiture process is a critical tool for partial recovery, but timing is everything — stolen funds typically move through mixers and cross-chain bridges within hours. Most victims lose the chance of any recovery simply by waiting too long to report. If you or someone you know has sent money to an unverified crypto platform after being contacted by a stranger online, it is worth speaking to a crypto-focused attorney immediately, even if the situation seems uncertain.
The Polymarket hack is a reminder that supply-chain risk extends beyond your own wallet. Avoid connecting your primary holdings wallet to any platform you haven’t thoroughly vetted — use a separate, purpose-built wallet with only the funds you need for each session. For DeFi participants, check that protocols have been audited by reputable firms and that privileged admin functions are timelocked or DAO-governed. And treat any unsolicited investment opportunity — no matter how gradually or convincingly it is introduced — as a red flag. Scammers are patient; be even more patient before sending a single dollar.
If you have already been victimized, legal options exist. A crypto-focused attorney can help you file complaints with the FBI’s Internet Crime Complaint Center (IC3), pursue civil forfeiture claims, coordinate with exchanges to freeze suspicious assets, and preserve on-chain evidence before it becomes unrecoverable. The DOJ’s recent successes — from the Disruption Week freezes to the Florence forfeiture — prove that targeted legal intervention can work when timing is right.
At Coin Counsel, we work with individuals and businesses navigating the legal fallout of crypto fraud — whether you’re a victim seeking recovery, a company facing regulatory scrutiny, or a project working to stay compliant in an increasingly complex legal landscape. The rules are evolving fast, and the cost of getting it wrong has never been higher. Contact us at coin-counsel.com to speak with a crypto-focused attorney today.
This blog post is for informational purposes only and does not constitute legal advice. Reading this content does not create an attorney-client relationship between you and Coin Counsel or Franco Law PLLC. The legal landscape surrounding cryptocurrency is rapidly evolving and varies by jurisdiction. Do not act or refrain from acting based on information in this post without first consulting a qualified attorney. If you believe you have been the victim of crypto fraud, contact us at coin-counsel.com for a consultation.