Summary

  • Ostium experienced a loss of approximately $18 million USDC due to an oracle exploit on Wednesday.
  • The attackers exploited a compromised oracle signer key to submit fraudulent future-dated price reports.
  • This incident drained nearly one-third of the protocol's liquidity.

On Wednesday, Ostium reported a loss of about $18 million following an oracle exploit, where attackers compromised an oracle signer key to manipulate the price feed of the decentralized exchange, thereby generating fictitious trading profits, as detailed by blockchain security firm Blockaid.

According to a post on X by Blockaid, the attacker utilized a registered PriceUpKeep forwarder along with future-dated authorized oracle reports to fabricate trading profits, which led to a significant payout in the form of USDC, a stablecoin issued by Circle, from Ostium's liquidity vault.

Ostium acknowledged the situation on X, stating, “We are aware of the issue with the OLP vault. We have paused all trading. The team is investigating.”

Operating on Arbitrum, Ostium provides perpetual futures linked to real-world assets such as stocks, commodities, foreign exchange, and indices. As a decentralized exchange (DEX), it allows users to maintain control over their funds without requiring personal identification. At the time of the exploit, the protocol had approximately $63 million in total value locked, meaning the attack drained nearly one-third of its liquidity.

This incident is part of a troubling trend in the DeFi space, which is experiencing one of its worst years for exploits. DeFi, or decentralized finance, refers to financial applications that function on blockchain networks without the need for traditional intermediaries like banks. In the first five months of 2026, over $840 million was stolen from DeFi protocols, including notable hacks of $292 million from KelpDAO and $285 million from Drift Protocol. Additionally, Resolv Labs was targeted in June, resulting in the theft of over $25 million.

Experts in security caution that advancements in artificial intelligence are expediting the discovery of vulnerabilities. Danny Jenkins, CEO and co-founder of ThreatLocker, previously stated to Decrypt that “AI is far better at reviewing code than most people and finding potential vulnerabilities in it.” He noted that current AI systems are enhancing the speed of vulnerability detection, while emerging models like Mythos could greatly amplify these capabilities, marking it as an impending “big problem.”

According to Jenkins, it is only a matter of time before someone with malicious intent gains access to these tools.

In May, security researcher Taylor Hornby demonstrated the capabilities of Anthropic's Claude Opus 4.8 by identifying a four-year-old counterfeiting vulnerability in Zcash, highlighting how cutting-edge AI models are becoming increasingly proficient at uncovering complex software flaws.

Daily Debrief Newsletter

Stay updated with the latest news stories every day, along with original features, podcasts, videos, and more.