AI 摘要
Another DeFi Exploit: Perp DEX Ostium Loses $18 Million in Oracle Attack Ostium lost roughly $18 million on Wednesday after attackers compromised an oracle signer key and manipulated the decentralized perpetuals excha...
风险提示
这条新闻可能带来较大波动,建议先核对原文和后续公告。
所属事件
Ostium loses $18 million in oracle attack that gamed its own price-feed infrastructure
An attacker drained approximately $18 million in USDC from Ostium's liquidity vault on Arbitrum in an oracle manipulation exploit detected by blockchain security firm Blockaid , onchain data shows . According to Block... 已聚合 2 个来源,主要涉及 USDC。
Another DeFi Exploit: Perp DEX Ostium Loses $18 Million in Oracle Attack
Ostium lost roughly $18 million on Wednesday after attackers compromised an oracle signer key and manipulated the decentralized perpetuals exchange's price feed to generate fake trading profits, according to blockchain security firm Blockaid.
In a post on X, Blockaid said the attacker used a registered PriceUpKeep forwarder and future-dated authorized oracle reports to create artificial trading profits, triggering the multi-million payout—in the form of the Circle-issued stablecoin USDC—from Ostium's liquidity vault.
“We are aware of the issue with the OLP vault,” Ostium wrote on X. “We have paused all trading. The team is investigating.”
Built on Arbitrum , Ostium offers perpetual futures tied to real-world assets including stocks, commodities, foreign exchange markets, and indices. It operates as a decentralized exchange, or DEX , meaning users largely stay in control of their funds and do not provide personally identifiable information. At the time of the attack, the protocol held about $63 million in total value locked, meaning the exploit drained close to one-third of its liquidity.
The attack comes amid one of the worst years on record for DeFi exploits. DeFi , or decentralized finance, refers to financial applications that operate natively on blockchain networks, without third-party intermediaries like banks. More than $840 million was stolen from DeFi protocols in the first five months of 2026, including $292 million stolen from KelpDAO and $285 million from Drift Protocol. Hackers also targeted Resolv Labs in June, stealing over $25 million .
Security experts warn that advances in artificial intelligence are accelerating exploit discovery.
"AI is far better at reviewing code than most people and finding potential vulnerabilities in it," Danny Jenkins, CEO and co-founder of ThreatLocker , previously told Decrypt . Jenkins said current AI systems are already accelerating vulnerability discovery, while newer models such as Mythos could significantly expand those capabilities, calling it an imminent “big problem.”
“It will be only a matter of time until someone bad gets access to it,” he said.
In May, security researcher Taylor Hornby used Anthropic's Claude Opus 4.8 to identify a four-year-old counterfeiting vulnerability in Zcash, underscoring how frontier AI models are becoming increasingly effective at finding complex software flaws.
Your gateway into the world of Web3
The latest news, articles, and resources, sent to your inbox weekly.
© A next-generation media company. 2026 Decrypt Media, Inc.
新闻图片


