At just after 2 a.m. on January 3, explosions echoed across Caracas. Low-flying aircraft struck military installations. Venezuelan President Nicolás Maduro and his wife were seized by U.S. forces and taken into custody to face narco-terrorism charges.
Mere hours before President Trump announced the operation on Truth Social, a newly created Polymarket account had quietly staked just over $32,000 on Maduro’s exit from power by the end of January. When the news broke, that position paid out $436,759 — a return of more than 1,200 percent in under 24 hours, on an event Polymarket itself had been pricing at roughly 5 to 7 percent odds for weeks. The account had been created less than a week before the operation and had placed bets on only one subject: Maduro’s removal.
Nearly four months later, U.S. Army Special Forces Master Sgt. Gannon Ken Van Dyke is scheduled to be arraigned on Tuesday in the Southern District of New York, where he’s facing charges associated with wire fraud, conspiracy and misuse of national defense information. Neither Van Dyke or his attorney have yet issued a statement, though he is expected to enter a plea in court on Tuesday.
This isn’t the first time something like this has happened. On February 12, an indictment unsealed in Tel Aviv read like something from a different era of espionage — only instead of dead drops and clandestine meetings, the alleged method of exploitation was a cryptocurrency wallet and a prediction market website. An Israeli military reservist and a civilian were charged with placing bets on the online betting site Polymarket regarding the timing of military operations, based on classified information the reservist had accessed by virtue of his military duties.
The investigation, conducted jointly by Israel’s Shin Bet domestic security agency, the Defense Ministry, and the Israel Police, resulted in the arrests of several suspects and was widely believed to be the first public case stemming from classified operational intelligence being used to trade on a prediction market in a kinetic combat environment.
Sixteen days after the bet was made, on February 28, the United States and Israel launched coordinated strikes against Iran under what the Pentagon designated Operation Epic Fury. Before the first explosions were reported in Tehran, on-chain analytics firm Bubblemaps had already flagged six wallets that walked away with roughly $1 million in combined profit on the Polymarket contract “US strikes Iran by February 28, 2026?” Officials say most accounts were funded and activated within 24 hours of the strikes, all concentrated on the same date-specific contract, and all with no prior trading history.
The largest single wallet turned a roughly $61,000 position into a profit of over $493,000. The account bought 560,680 “yes” shares at about 10.8 cents each, when the odds were still at just 17 percent. and walked away with nearly half a million dollars once the contract was resolved. The Iran war-related contracts had, by that point, generated approximately $529 million in total trading volume on the timing-of-attack markets alone, with another $45 million wagered on the single largest contract tied to Supreme Leader Ayatollah Ali Khamenei.
JP Castellanos, Director of Threat Intelligence at Binary Defense, tells The Cipher Brief this pattern “has crossed the threshold into a documented, operational counterintelligence vulnerability.”
“Every time a government or military insider places a pre-operational bet, they are effectively broadcasting classified foreknowledge into a public, blockchain-transparent ledger,” he cautions.
This is no longer a story about gambling. It is a counterintelligence crisis.
A new vector for secrets
Polymarket said it reported suspicious trading in the case involving Van Dyke to law enforcement and that it is cooperating with investigators, while stressing that its rules prohibit trading on material nonpublic information.
Online betting outlets work like a stock exchange for real-world outcomes. Users buy and sell shares tied to whether a given event will happen, with prices shifting in real time as new information enters the market. Its founder and CEO, Shayne Coplan, has been unapologetic about the role of informed traders, insisting that insiders “having an edge in the market is a good thing” because it surfaces accurate predictions faster.
That framing might be defensible when applied to corporate earnings or box office projections, but does it hold when the underlying event is a military strike and the “informed trader” holds a security clearance?
The structural problem is not incidental to Polymarket’s design; it is embedded in it. While rival platform Kalshi is regulated by the Commodity Futures Trading Commission and bans contracts involving wars, terrorism, and assassinations, Polymarket has operated an overseas exchange outside the reach of U.S. authorities. That offshore structure has made it a magnet for the most controversial types of prediction-market wagers.
Users in the United States accessed the platform through virtual private networks that masked their identities, and transactions settled in cryptocurrency — pseudonymous, borderless, and largely resistant to subpoena.
Stephen Piepgrass, a regulatory attorney at Troutman Pepper Locke focused on financial enforcement, tells The Cipher Brief that the platform’s design features are precisely what make it so difficult to police.
“The prediction markets are thriving in part because they permit the use of anonymous accounts, allow trading using cryptocurrency, and do not require geofencing,” he explains. “To date, these have been features, not bugs, of this growing market. But these same factors make policing the markets challenging, if not impossible.”
The Israeli case made explicit what many in intelligence circles had long suspected. A senior Israeli source involved in the details of the affair said it would “cause an earthquake,” describing it as “a serious security scandal in which those involved are suspected of committing acts for the sake of money”.
The adversarial intelligence problem
The danger does not run only from insider to market. It runs in the other direction, too. Dennis Kelleher, a financial reform advocate with deep expertise in derivatives regulation, points out that U.S. adversaries already have both the motive and the means to exploit these markets as a live intelligence feed.
“U.S. adversaries can use event contracts on geopolitical events to try to determine if the U.S. is going to undertake an action against their country,” he tells The Cipher Brief. “They can go on prediction market platforms and see the baseline of activity on these event contracts and then monitor for any unusual activity, which could be a spike in activity or a newly opened account that places a large bet in the midst of reporting on a possible action. That could easily tip off an adversary that insiders who know what is going to happen are the ones driving the activity.”
Castellanos echoes the assessment, noting that foreign intelligence services like Russia’s Foreign Intelligence Service and China’s Ministry of State Security are almost certainly already doing exactly that.
A sudden price spike on a “U.S. strikes Iran by a certain date” contract three hours before an operation, he contends, carries actionable intelligence value, potentially providing warning time to Iranian partners or informing Russian diplomatic positioning.
The manipulation vector runs in the opposite direction as well. Kelleher warns that adversaries could just as easily use these markets offensively, placing large bets to manufacture the appearance of insider knowledge and sowing anxiety without firing a shot.
Piepgrass offers a concrete example.
“An adversary could create a new account and place a large bet around, for example, a major regional power grid going down,” he notes. “If U.S. intelligence monitors the markets and believes an attack on the grid is imminent, it could divert resources and focus to that area, leaving the actual target more vulnerable.”
On March 10, Times of Israel military correspondent Emanuel Fabian reported that an Iranian missile had struck an open area outside Beit Shemesh. The attack caused no reported casualties but what Fabian didn’t know at the time was that his dispatch had become the resolution trigger for a Polymarket contract with more than $14 million wagered on whether Iran would strike Israel that day.
What followed was a pressure campaign: emails, WhatsApp messages, fabricated legal threats, and eventually death threats from users who had lost positions worth an estimated $900,000. Some of them demanded he rewrite his reporting. Polymarket condemned the harassment, banned the accounts involved, and said it was cooperating with authorities.
What the episode made plain was something Polymarket’s defenders had not seriously reckoned with: that contracts carrying enough money can turn journalists into targets, with their reporting becoming leverage in someone else’s financial bet.
Matthew Wein, a national security analyst who has studied prediction markets and insider threat dynamics, tells The Cipher Brief that the risk of foreign manipulation is real and relatively easy to execute.
“For a relatively cheap level of investment, an adversary could buy up the price of a certain market to drive news coverage of the change in price or probability,” he says. “Given news organizations’ agreements with prediction markets, the ability to change the narrative of a given news story seems relatively easy.”
Washington moves — slowly
Congress has begun to stir. Federal officials, political appointees, and executive branch staff would be barred from trading event contracts tied to government policy based on nonpublic information under a bill introduced by Representative Ritchie Torres in the House.
Senator Adam Schiff and Representative Mike Levin jointly introduced the DEATH BETS Act on March 10, which would explicitly prohibit any CFTC-registered exchange from listing event contracts referencing terrorism, assassination, war, or an individual’s death.
That same day, Senator Richard Blumenthal introduced the Prediction Markets Security and Integrity Act to address fraud, insider trading, and broader market manipulation. Then, on March 17, Senator Chris Murphy and Representative Greg Casar introduced the BETS OFF Act, which would ban trades on war, terrorism, assassination, non-financial government actions, and events where someone controls or knows the outcome in advance. Senator Blumenthal put it directly, stating that “prediction markets have become a haven for insider trading, market manipulation, and underage gambling” and that these “billion-dollar businesses are turning war into a casino game.”
Yet the legislative momentum faces structural headwinds. Donald Trump Jr. is an adviser to Polymarket, and his venture capital firm 1789 Capital has invested millions in the company. The Trump administration dropped two federal investigations into the platform — one civil, one criminal — that were opened under former President Joe Biden. By November 25, 2025, Polymarket had its CFTC designation in hand, cleared to run a fully regulated United States exchange. Come February 2026, the company was being valued at $9 billion. Three months later, on February 25, the CFTC’s enforcement division issued a public advisory reminding markets that it has full authority to pursue illegal trading practices on any designated contract market — including prediction platforms.
Still, legal analysts note that how insider trading rules apply in practice, particularly to offshore platforms beyond the agency’s direct reach, remains dangerously unresolved.
Matt Motta, a policy expert who has studied the legislative proposals, tells The Cipher Brief that both the Public Integrity Act and the DEATH BETS Act are necessary but insufficient.
“I think we can do more,” he asserts. “Only regular audits of prediction market transaction reports can allow government regulators to survey the full scope of trading on political markets, and assess how those transactions might impact national security.”
The definitional problem compounds the enforcement gap. Piepgrass notes that the Commodity Exchange Act prohibits prediction contracts related to terrorism, assassination, and war — yet those concepts resist precise legal definition.
“The last time Congress formally declared war was during World War II,” he points out. “Is removing a head of state, like Maduro, a form of war? How about the action in Iran?”
Kelleher is more direct about where the fault lies.
“Current law could be sufficient to address these risks from U.S.-based bettors if the law were actually aggressively enforced,” he explains. “However, the administration generally and the CFTC in particular refuse to enforce the law and are cheerleaders for the prediction market industry.”
When asked what it would actually take for Washington to close that gap, Castellanos is blunt.
“The legislative package is a necessary first step and will deter the unsophisticated opportunist,” he adds. “It will not deter the deliberate foreign asset, the sophisticated contractor insider, or the allied military officer.”
The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals. Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.
Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief
