Netting $2.4 Million: These 9 Insider Addresses Knew the US-Iran War Best

marsbitPublished on 2026-05-25Last updated on 2026-05-25

Abstract

On May 18th, Bubblemaps investigators disclosed the discovery of nine highly correlated anonymous accounts on Polymarket that netted over $2.4 million from prediction markets tied to US military actions, with a 98% win rate. The accounts focused almost exclusively on the 2026 US-Iran conflict, placing bets with uncanny precision days before key events like the "Operation Epic Fury" strike on February 28th, which eliminated Iran's Supreme Leader. Bubblemaps' analysis linked four core accounts—each profiting around $400k—and five others through synchronized timing, transaction patterns, and fund flows. The money moved through shared wallet networks, suggesting professional obfuscation. This case is six times larger than the earlier prosecution of US Army Sergeant Gannon Van Dyke for insider trading on Polymarket. While platforms like Polymarket have established AI monitoring and explicit rules against trading on stolen or confidential information, the incident has spurred controversial "insider copy-trading" services that help users follow high-success accounts, raising new regulatory questions.

Written by: Mahe, Foresight News

On May 18, Nicolas Vaiman, founder of Bubblemaps, and lead investigator Deebs (a pseudonym used by a former U.S. military officer for safety reasons) disclosed to the public: they discovered nine highly correlated anonymous accounts on Polymarket that collectively netted over $2.4 million from prediction markets related to U.S. military actions, with a winning rate as high as 98%.

Bubblemaps provided a detailed analysis of these accounts on Twitter. They almost exclusively bet on military events related to the US-Iran conflict in 2026, with timing so precise it was chilling—often placing bets just days before key actions occurred, and favoring long-odds, low-probability options.

This wasn't simply "good luck." After visualizing the trades in the "Will the US strike Iran for the first time before February 28?" market on Polymarket, Bubblemaps discovered a massive pink cluster previously unmentioned on the X platform.

Further investigation linked the initial 4 accounts to another 5 through identical time windows, trade sizes, and fund flow paths. The nine accounts followed highly consistent funding paths: funds were transferred via centralized exchanges into a shared wallet network within an extremely short timeframe, with suspected use of professional services to hide traces.

4 Core Accounts Each Earned $400,000

In the early morning of February 28, 2026, the United States and Israel launched large-scale joint strikes codenamed "Operation Epic Fury" and "Lion's Roar." US-Israeli forces conducted nearly 900 strikes against Iran within 12 hours, targeting nuclear facilities, missile bases, military command centers, and hideouts of senior leaders. Iran's Supreme Leader Ali Khamenei and several of his family members, along with senior commanders of the Revolutionary Guard Corps, were killed in the initial strikes.

As early as the day of the February 28 strikes, Bubblemaps had publicly flagged six "fresh" accounts. Most of these accounts were created and funded within 24 hours before the strike, accurately betting on "the US will strike Iran before February 28," collectively netting about $1 million (some reports said $1.2 million). At the time, market odds were extremely low, yet these accounts heavily bet on them. Bubblemaps called it "suspected insider trading."

Five months later, the nine-account cluster they discovered was larger and had a higher win rate.

The four core accounts were created a few days before February 28, each earning about $400,000; the subsequent five accounts were linked through fund flows and trade overlaps. The nine accounts placed over 80 bets, almost all on US military actions: the first strike on February 28, the specific timing of Khamenei's elimination, the announcement of a ceasefire agreement, etc. They even placed bets spread across multiple dates to maximize gains, while occasionally placing one or two small losing bets (like on February 20), likely as cover.

Bubblemaps listed the nine Polymarket wallet addresses (including 0x09d3273fa76282ce09f4f35a87d6f087c05f4e84, etc.), emphasizing that these accounts have long dominated the profit/loss leaderboards. Funds ultimately flowed to a shared wallet network, showing signs of professionalized money laundering or service use.

Vaiman stated bluntly: "Luck cannot explain these numbers." Deebs added that potential insider sources are numerous—government officials, military planners, intelligence analysts, even family members of military personnel.

Earlier this year, US Army Staff Sergeant Gannon Ken Van Dyke was charged with using classified intelligence to bet on special operations in Venezuela on Polymarket, investing $34,000 to profit $400,000 before quickly withdrawing funds and attempting to delete the account. Polymarket cooperated closely with law enforcement, ultimately leading to the prosecution. The Van Dyke case is seen as a landmark case for insider trading in prediction markets.

This nine-account cluster's profit is six times that amount, with a higher win rate, and is entirely concentrated on US-Iran military events.

Bubblemaps exclusively shared the investigation with "60 Minutes." The segment aired on the evening of May 17, garnering significant attention. The CBS report noted that Polymarket has established AI monitoring and blockchain forensics systems, reporting suspicious activities to law enforcement authorities once detected, and emphasized that "insider trading is not welcome on the platform."

As of publication, Bubblemaps has not directly linked the nine accounts to any specific entity or government agency, stating only that "the correlation and near-perfect win rate raise serious suspicions."

Fighting Insider Trading vs. Copying Insider Trading

Insider trading makes many market participants feel the game is unfair. Prediction market platforms, including Kalshi and Polymarket, are taking more measures to combat it.

In late March this year, Polymarket updated its market integrity rules for its DeFi platform and its US exchange regulated by the U.S. Commodity Futures Trading Commission (CFTC). The updated rules clarify three core prohibited insider trading behaviors:

  • Trading using stolen confidential information—Participants may not trade any contracts if they possess confidential information about the outcome or likely outcome of an underlying event, and using that information would breach a pre-existing duty of trust or confidence owed to another person or entity.
  • Prohibition on trading using illegal insider tips—Participants may not trade using confidential information provided to them by another person, if the information was provided by someone who owed a pre-existing duty of trust or confidence to another, and the participant knows or has reason to know that the person providing the information themselves would be prohibited from trading on it.
  • Trading by those able to influence the outcome—Participants may not trade any contracts if they have authority or influence sufficient to affect the outcome of the underlying event.

However, rules always have loopholes. Since insider trading cannot be completely eradicated, some ill-intentioned so-called "insider copy-trading projects" have also sparked controversy. These applications compile trading accounts with abnormally high win rates for users, or flag suspiciously timed, abnormally sized trades, helping users copy these trades with one click.

Kreo's selling point is helping users "find insider traders before others." Polycool directly posts a "Polymarket Insider Trading Guide" on its website, stating "This isn't the stock market, betting with non-public information won't land you in jail, the rules for decentralized prediction markets are completely different."

A question then arises: does copying trades from insider trading addresses constitute a violation?

There has been no official response yet.

However, so-called "insider copy-trading platforms" like PolyGUN and Polycule have suffered hacker attacks this year, incurring losses ranging from tens of thousands to hundreds of thousands of dollars.

Related Questions

QWhat did Bubblemaps investigators discover about a group of anonymous accounts on Polymarket?

ABubblemaps investigators discovered nine highly correlated anonymous accounts that collectively netted over $2.4 million from prediction markets related to US military actions, with a win rate of 98%. They were primarily focused on US-Iran conflict events in 2026.

QAccording to the article, what characteristics made the trading activity of these nine accounts highly suspicious?

AThe accounts were highly suspicious because they placed bets almost exclusively on US-Iran military events, their timing was unnervingly precise (often days before key actions), they preferred low-odds, long-term options, and they used shared wallet networks and professional services to obscure fund flows.

QWhat is the name of the US soldier mentioned in the article who was charged for insider trading on Polymarket, and what was his profit?

AThe US soldier mentioned is US Army Staff Sergeant Gannon Ken Van Dyke. He was charged for using classified intelligence to bet on a Venezuelan special operations event on Polymarket, investing $34,000 and making a profit of $400,000.

QWhat are the three core types of prohibited insider trading behaviors outlined in Polymarket's updated market integrity rules?

AThe three core prohibited behaviors are: 1) Trading using stolen confidential information. 2) Trading using illegal insider information provided by someone who breached a duty of trust. 3) Trading by individuals who have the authority or influence to affect the outcome of the event.

QWhat controversial practice related to potential insider trading has emerged on prediction market platforms according to the article?

AThe controversial practice is the emergence of 'insider copy-trading' platforms or applications. These services identify accounts with suspiciously high win rates or anomalous trades, allowing users to copy their bets, essentially attempting to profit from potential insider information.

Related Reads

European Blockchain Convention returns to Barcelona as institutional capital moves to the centre of the digital asset market

The European Blockchain Convention (EBC) returns to Barcelona for its 12th edition on 16–17 September 2026. With institutional capital now central to the digital asset market following ETF approvals and MiCA regulation, the event focuses on execution—identifying the platforms and infrastructure that will define the next institutional layer. EBC12 will convene over 6,000 attendees, including firms like BlackRock and Bitwise, for discussions on regulatory convergence, institutional capital allocation, tokenization of real-world assets, stablecoins, and the role of AI. Positioned as Europe's Digital Asset Marketplace, EBC facilitates crucial pan-European dialogue among asset managers, banks, and policymakers in a fragmented regional landscape.

marsbit10m ago

European Blockchain Convention returns to Barcelona as institutional capital moves to the centre of the digital asset market

marsbit10m ago

Female Crypto Mogul Survived Mining Crackdown and Market Plunge, but Paid a $60 Million Tuition to a U.S.-Style 'Pig-Butchering' Scam

An 80s-born Chinese entrepreneur, Fiona Lyu (also known as Lv Yongshuang), CEO of the mining firm Chengdu Valarhash Technology, was defrauded of over $9.4 million (approx. RMB 60 million) in the US, according to a Caixin report. Lyu's company once operated the 1THash and Bytepool mining pools, which collectively controlled about 9% of the global Bitcoin hash rate at their peak in early 2020. The scam began in 2021 after China's crackdown on crypto mining forced Lyu to seek overseas relocation for her operations. She was introduced to Zubair Al Zubair, who posed as an "UAE royal family member" with connections to Middle Eastern capital and US local government resources. He and his brother, who impersonated a hedge fund manager, orchestrated a fake contract signing for a mining facility in Ohio, witnessed by local officials. Lyu transferred millions in contract payments. The brothers, both US citizens with fabricated backgrounds, later fraudulently sold 1,067 of her miners for $6.17 million. The scheme involved bribing a mayor's chief of staff for legitimacy. In May 2026, US courts sentenced Zubair to 24 years in prison, his brother to 23 years, and the official to 8 years. Simultaneously, Lyu faced a separate legal battle in China. A subsidiary of listed company ST Zhongchang sued her firm, seeking refunds for a 2021 contract involving Bitcoin mining equipment. Chinese courts ruled the mining contract invalid and ordered a refund of nearly RMB 19.3 million. This dual blow marked a stark downturn for the once-prominent figure in the crypto mining industry.

Foresight News12m ago

Female Crypto Mogul Survived Mining Crackdown and Market Plunge, but Paid a $60 Million Tuition to a U.S.-Style 'Pig-Butchering' Scam

Foresight News12m ago

Trade.xyz Pricing Controversy Exposes Fatal Weakness of Pre-IPO Perpetual Contracts

The Trade.xyz pricing controversy surrounding its SPCX (SpaceX) pre-IPO perpetual contract on Hyperliquid has exposed a critical vulnerability in decentralized finance (DeFi) platforms offering such instruments. The dispute erupted after SpaceX's updated filing revealed its total shares outstanding were approximately 10% higher than market estimates. While centralized exchanges (CEXs) paused trading and repriced contracts based on the new data, Trade.xyz maintained its position that its "IPOP" contract tracks market expectations for the per-share price, not the company's fundamental valuation or share count. This discrepancy triggered cross-platform arbitrage and led to significant losses for leveraged long positions on Trade.xyz, as the contract price gaped down without a value-neutral adjustment mechanism. The incident highlights the absence of a "Rebase" function—a mechanism that proportionally adjusts contract prices and user positions to reflect corporate actions like share count changes—within many decentralized perpetual exchanges (Perp DEXs). Unlike CEXs, which can centrally execute such adjustments, implementing Rebase on-chain involves significant technical complexity, gas costs, and potential security risks. Trade.xyz's architecture, which allows independent market deployment, further complicates platform-wide Rebase implementation. The controversy underscores broader challenges for Perp DEXs venturing into real-world assets (RWA) like pre-IPO shares. It raises questions about pricing reliability, transparent rule disclosure, and the ability to handle corporate events, testing user trust and the long-term viability of these synthetic markets for price discovery before official listings.

链捕手28m ago

Trade.xyz Pricing Controversy Exposes Fatal Weakness of Pre-IPO Perpetual Contracts

链捕手28m ago

When AI Traffic Surpasses Humans, How Do You Prove You're Human?

As AI-generated web traffic now surpasses human activity, the internet's foundational business models—built on human attention, browsing, and advertising—face severe disruption. AI agents crawl websites at immense scale without generating ad revenue, while AI summaries divert traffic from original content sites. In response, over 2.5 million sites are blocking AI crawlers, and protections like Cloudflare's "honeypot" traps have emerged, though advanced AI can bypass these. The collapse of traditional CAPTCHAs, which assumed machines were weaker than humans, has led to a shift toward behavioral biometrics for human verification. Companies like IBM and BioCatch now analyze unique human patterns—cursor movements, typing rhythms, keystroke dynamics, and even cognitive delays like the Stroop effect—to distinguish real users from bots. These biometric signatures are difficult to fake or alter, offering a new layer of security but raising significant privacy concerns. Two competing visions for a reliable human verification system are emerging. One, exemplified by Sam Altman’s World (formerly Worldcoin), uses centralized iris scanning to generate unique credentials, though it faces bans and criticism over unauthorized data collection. The other employs cryptographic zero-knowledge proofs, allowing users to prove they are human without revealing identity or biometric data, as advocated by Vitalik Buterin. However, decentralized approaches risk exploitation through identity renting in economically unequal regions. The central dilemma is between a scalable but privacy-invasive centralized system that permanently controls users' biometric data, and a privacy-preserving cryptographic system vulnerable to real-world economic manipulation. The author expresses a preference for the cryptographic path, arguing that despite its flaws, it avoids the irreversible biometric surveillance inherent in centralized alternatives.

Foresight News36m ago

When AI Traffic Surpasses Humans, How Do You Prove You're Human?

Foresight News36m ago

Crypto Primary Market Investment and Financing Forward-Looking Weekly Report | Stablecoin Regulation Nears Implementation, ETF Funds Continue to Withdraw, Capital Begins Betting on Payment and Cash Flow

Crypto Market Weekly Report (Jun 1-7, 2026): Capital Shifts Focus to Payments & Cash Flow Market data indicates a significant divergence: while traditional institutional funds continue exiting via BTC and ETH ETFs (recording net outflows of $1.72B and $168M this week, respectively), stablecoin supply continues growing. This suggests capital is shifting from speculative asset allocation toward defensive positioning within on-chain liquidity, awaiting new, concrete opportunities. This trend is reflected in venture capital focus. Weekly fundraising fell 27% to $302M, with investments concentrating on infrastructure with tangible revenue potential: 1. **Stablecoin Infrastructure (28% of funding):** Projects like M0 Protocol ($35M raise) are gaining attention as regulatory clarity (e.g., the GENIUS Act) nears, shifting the focus from legitimacy to building payment and settlement networks. 2. **AI Agent Infrastructure (26%):** Investments are moving from conceptual AI Agents towards the execution and economic layers required for a functional "Agent economy." Key raises include OpenRouter ($40M) and Halliday ($20M). 3. **Real World Assets (RWA) (18%):** The search for on-chain yield and cash flow drives continued interest in RWA platforms like Ondo Finance. Security threats are evolving from smart contract exploits toward key management failures, permission control issues, and regulatory execution risks (e.g., court-ordered asset freezes). **Key Takeaways:** The investment thesis is shifting from narrative-driven bets to revenue and cash-flow-generating protocols. Future attention should be on the progression of stablecoin regulations, the commercial validation of AI Agent economies, and the performance of high-revenue protocols like derivatives platforms.

marsbit43m ago

Crypto Primary Market Investment and Financing Forward-Looking Weekly Report | Stablecoin Regulation Nears Implementation, ETF Funds Continue to Withdraw, Capital Begins Betting on Payment and Cash Flow

marsbit43m ago

Trading

Spot
Futures

Hot Articles

How to Buy WAR

Welcome to HTX.com! We've made purchasing WAR (WAR) simple and convenient. Follow our step-by-step guide to embark on your crypto journey.Step 1: Create Your HTX AccountUse your email or phone number to sign up for a free account on HTX. Experience a hassle-free registration journey and unlock all features.Get My AccountStep 2: Go to Buy Crypto and Choose Your Payment MethodCredit/Debit Card: Use your Visa or Mastercard to buy WAR (WAR) instantly.Balance: Use funds from your HTX account balance to trade seamlessly.Third Parties: We've added popular payment methods such as Google Pay and Apple Pay to enhance convenience.P2P: Trade directly with other users on HTX.Over-the-Counter (OTC): We offer tailor-made services and competitive exchange rates for traders.Step 3: Store Your WAR (WAR)After purchasing your WAR (WAR), store it in your HTX account. Alternatively, you can send it elsewhere via blockchain transfer or use it to trade other cryptocurrencies.Step 4: Trade WAR (WAR)Easily trade WAR (WAR) on HTX's spot market. Simply access your account, select your trading pair, execute your trades, and monitor in real-time. We offer a user-friendly experience for both beginners and seasoned traders.

2.2k Total ViewsPublished 2024.03.29Updated 2026.06.02

How to Buy WAR

Discussions

Welcome to the HTX Community. Here, you can stay informed about the latest platform developments and gain access to professional market insights. Users' opinions on the price of WAR (WAR) are presented below.

活动图片

Top Questions

Hot Categoriesright-arrow

Hot Tagsright-arrow