Ostium Loses $18M USDC in Oracle Exploit on Arbitrum RWA DEX

ARB-3.83%
RWA0.25%

Ostium, an Arbitrum-based real-world asset perpetual exchange, lost nearly $18 million USDC today after attackers compromised an oracle signer private key and manipulated prices. The compromised key allowed attackers to bypass verification checks and submit favorable future prices, executing approximately 20 looped trades through delegated actions to instantly profit at the protocol's expense. The incident exposes persistent security risks in oracle-dependent decentralized finance infrastructure handling real-world asset derivatives.

Blockaid Detects $18 Million Vault Drainage via Oracle Manipulation

Security firm Blockaid first flagged the incident, indicating that the attacker used a registered PriceUpKeep forwarder and future-dated authorized oracle reports to generate artificial trading profits. This triggered repeated open-and-close loops that drained funds from Ostium's main liquidity vault. On-chain data shows roughly $11.86 million to $18 million USDC extracted from the vault, representing approximately 28% of its $63 million total value locked at the time of the attack. The primary exploit transaction is publicly verifiable on Arbiscan.

Ostium Raised $27.8 Million from General Catalyst and Coinbase Ventures

Ostium is a decentralized perpetuals exchange focused on real-world assets, including equities, commodities, forex, and indices, built on Arbitrum. The protocol had raised approximately $27.8 million from investors including General Catalyst, Jump Crypto, Coinbase Ventures, Wintermute, and GSR. Despite strong institutional support and multiple audits, the incident exposes persistent risks in oracle-dependent RWA infrastructure.

Exploit Under Active Investigation with On-Chain Evidence

The exploit is under active investigation. Users should monitor official channels for withdrawal guidance and security updates. The event highlights the need for hardened oracle key management and real-time monitoring in hybrid DeFi protocols.

FAQ

What caused the Ostium exploit today? Attackers compromised an oracle signer private key, allowing them to bypass verification checks and submit favorable future prices. They executed approximately 20 looped trades through delegated actions, instantly profiting at the protocol's expense.

How much did Ostium lose in the oracle attack? On-chain data shows roughly $11.86 million to $18 million USDC extracted from Ostium's vault, representing approximately 28% of its $63 million total value locked at the time of the attack.

Who detected the Ostium security breach? Security firm Blockaid first flagged the incident, identifying that the attacker used a registered PriceUpKeep forwarder and future-dated authorized oracle reports to generate artificial trading profits.

Disclaimer: The information on this page may come from third-party sources and is for reference only. It does not represent the views or opinions of Gate and does not constitute any financial, investment, or legal advice. Virtual asset trading involves high risk. Please do not rely solely on the information on this page when making decisions. For details, see the Disclaimer.
Comment
0/400
No comments