Ostium, a decentralized perpetuals exchange operating on the Arbitrum network, experienced a significant security breach on Wednesday that resulted in a loss of approximately $18 million in USDC. Attackers gained access to a critical oracle signer key and manipulated the platform’s price feed, leading to artificial trading profits and a major drain on assets.
Attack exploited price oracle via compromised key
Blockchain security firm Blockaid reported that the exploit was executed using a registered PriceUpKeep forwarder and future-dated oracle price reports. By submitting these manipulated inputs, the attackers were able to generate large, fake profits from trading activities. The resulting payouts were issued from Ostium’s liquidity vault directly in USDC, a widely used stablecoin issued by Circle.
Blockaid stated that nearly one-third of Ostium’s total liquidity, which amounted to about $63 million at the time of the breach, was drained in the attack. The manipulation targeted Ostium’s core mechanism for pricing assets, which relies on oracles—external data feeds that set current trading values.
Mini dictionary: Oracle signer key — A cryptographic key used by trusted entities to validate and submit price or data reports to blockchain networks. If compromised, it can enable attackers to falsify on-chain information, undermining protocol security.
Ostium posted on X, “We are aware of the issue with the OLP vault. We have paused all trading. The team is investigating.”
Vulnerability shakes decentralized finance sector
Ostium functions as a decentralized exchange (DEX), enabling users to trade perpetual futures that track real-world assets such as stocks, commodities, foreign exchange markets, and indices. As a typical DEX, the platform allows users to retain custody of their funds and does not require personal identification.
This incident highlights persistent vulnerabilities in the decentralized finance (DeFi) sector. More than $840 million has already been stolen from DeFi protocols in the first five months of 2026 alone, with notable attacks on KelpDAO, which lost $292 million, and Drift Protocol, which lost $285 million. In June, hackers also stole over $25 million from Resolv Labs.
| Protocol | Loss Amount | Date |
|---|---|---|
| Ostium | $18 million | June 2026 |
| KelpDAO | $292 million | Early 2026 |
| Drift Protocol | $285 million | Early 2026 |
| Resolv Labs | $25 million | June 2026 |
Rising concern over AI-driven exploits
Security professionals are increasingly warning that advances in artificial intelligence are making it easier to discover vulnerabilities within smart contracts and blockchain infrastructure. Danny Jenkins, CEO and co-founder of cybersecurity firm ThreatLocker, noted that modern AI systems are outperforming humans in reviewing code and identifying weaknesses.
Jenkins explained, “AI is far better at reviewing code than most people and finding potential vulnerabilities in it,” and emphasized that newer models like Mythos could make the discovery process even more effective, signaling an imminent major challenge for security teams.
He added that it is only a matter of time before malicious actors leverage state-of-the-art AI tools to exploit these vulnerabilities at scale.
Recently, security researcher Taylor Hornby used Anthropic’s Claude Opus 4.8 model to uncover a four-year-old counterfeiting bug in Zcash, demonstrating that advanced AI tools can now identify even complex and longstanding software flaws.
Mini dictionary: Zcash — A privacy-focused cryptocurrency that uses advanced cryptography to shield transaction details. Security vulnerabilities in such protocols can undermine privacy or allow unauthorized coin creation.




