Wednesday, July 15, 2026
banner

Arbitrum’s RWA perpetual platform Ostium lost nearly $18 million USDC today after attackers compromised an oracle signer key and manipulated prices.

The root cause was a compromised oracle signer private key. This allowed the attacker to bypass verification checks and submit favorable future prices. They executed around 20 looped trades through delegated actions, instantly profiting at the protocol’s expense without genuine market exposure.

Exploit Drains One-Third of Vault in Hours

Security firm Blockaid first flagged the incident, indicating that the attacker used a registered PriceUpKeep forwarder and future-dated authorized oracle reports to generate artificial trading profits. This triggered repeated open-and-close loops that drained funds from Ostium’s main liquidity vault.

Follow us on X to get the latest news as it happens

On-chain data shows roughly $11.86M–$18M USDC extracted from the vault, representing about 28% of its $63 million TVL at the time of the attack. The primary exploit transaction is publicly verifiable on Arbiscan.

Ostium TVL. Source: DefiLlama
Ostium TVL. Source: DefiLlama

Ostium is a leading decentralized perpetuals exchange focused on real-world assets, including equities, commodities, forex, and indices, built on Arbitrum.

Major Backing Meets Major Setback

The protocol had raised approximately $27.8 million from top-tier investors including General Catalyst, Jump Crypto, Coinbase Ventures, Wintermute, and GSR.

Despite strong institutional support and multiple audits, the incident exposes persistent risks in oracle-dependent RWA infrastructure.

The exploit is under active investigation. Users should monitor official channels for withdrawal guidance and security updates. The event highlights the need for hardened oracle key management and real-time monitoring in hybrid DeFi protocols.

As the RWA perpetuals sector grows rapidly, this breach serves as a timely reminder: even well-funded projects remain vulnerable to private-key and oracle attacks.

The post Ostium Perp DEX Hit for $18 Million in Brutal Oracle Exploit appeared first on BeInCrypto.

Markets,Breaking,Editor’s Pick,Security (Crypto Scams and Hacks)#Ostium #Perp #DEX #Hit #Million #Brutal #Oracle #Exploit1784131900

banner
crypto & nft lover

Johnathan DoeCoin

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar.

Follow Me

Top Selling Multipurpose WP Theme

Newsletter

banner
crypto & nft lover

Johnathan DoeCoin

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar.

@2022 u2013 All Right Reserved. Designed and Developed by PenciDesign