Ostium Loses $21M After Oracle Attack Forces Trading Shutdown
Cryptocurrency trading is speculative and your capital is at risk when you trade. We may earn affiliate commissions from some of the products on this page - at no extra cost to you.

Highlights:
- Decentralized perpetual trading platform Ostium has confirmed a security compromise on its public OLP liquidity vault.
- The compromise utilized false price data, making it possible for the attacker to steal between $18 million and $24 million.
- Ostium’s security team has initiated efforts to mitigate future losses, including suspending trading activities.
Decentralized perpetual trading platform Ostium has suffered a major security breach, resulting in the loss of approximately $21 million from its public OLP liquidity vault. In an X post on Thursday, blockchain investigation firm PeckShieldAlert reported that the attacker capitalized on a vulnerability in the decentralized platform’s oracle system.
The exploit involved using a registered PriceUpKeep forwarder and oracle reports with future timestamps. By feeding false price data into the system, the attacker made it appear as though extremely profitable trades had taken place. For example, fake records showed that Bitcoin positions opened at around $5,000 and closed near $60,000.
These false profits tricked Ostium’s protocol into paying the attacker between $18 million and $24 million in USDC from the OLP liquidity vault. The attacker moved these funds through a single transaction. After receiving the funds, the attacker quickly exchanged the stolen USDC for roughly 12,000 Ethereum (ETH) tokens.
#PeckShieldAlert The @Ostium public OLP vault has been drained of ~$24M $USDC.
The exploiter swapped it for 12.08K $ETH and has deposited 10,540 $ETH to #TornadoCash so far.
The exploiter originally funded Wallet 0x321D…8bfD9 with 1 ETH from #ChangeNow and 1 ETH from… pic.twitter.com/8KDnKHAPIf
— PeckShieldAlert (@PeckShieldAlert) July 16, 2026
The exploiter eventually moved the stolen assets through Tornado Cash, making them very difficult to trace. Meanwhile, initial funding for the attacker’s wallet reportedly came from ChangeNow and Bybit. The unfortunate incident has forced Ostium to halt trading while the team continues to investigate the incident to identify the root cause and mitigate further losses.
Ostium Team Breaks Silence After Losing $21M
Ostium co-founder Kaledora Fontana Kiernan-Linn has confirmed the exploit in an X post today. She said the platform’s security team detected the compromise within minutes of the attack. After confirming the unauthorized access, the team moved to contain further damage by halting the platform’s trading contracts immediately.
She said the platform is working with law enforcement agencies, members of SEAL 911, and foreign cybersecurity specialists to investigate the attack and possibly recover the stolen funds. The co-founder also admitted that delivering updates related to hack incidents is difficult for any project leader. She added that the team understands the trust users place in the platform and remains focused on resolving the situation.
The co-founder stated:
“To the stablecoin issuers, bridges, protocols, and security partners who have moved quickly to assist us: thank you for your continued support. We will continue to provide updates as they arise.”
This morning, between 14:18–14:23 UTC, Ostium experienced a security issue leading to a loss of funds from the public OLP vault. Our team identified the issue within minutes and immediately began taking steps to contain it, including coordinating to pause trading contracts within…
— kaledora (@kaledora) July 15, 2026
Trading Remains Suspended as Investigations Continue
In a separate update, the Ostium team has confirmed that users’ trading positions will remain active on-chain but cannot be changed. In addition, traders’ margin funds will remain locked inside the paused smart contracts. This will prevent the attacker from moving further assets.
The team reported:
“We will continue to provide updates as they become available regarding a timeline for both the resumption of smart contract activity and the recovery of funds.”
A Security Update: Trading remains paused following the security incident. User positions remain open and unmodifiable, and trader margin remains unmoved in frozen trading smart contracts. The team will continue to provide updates as they become available regarding a timeline…
— Ostium (@Ostium) July 16, 2026
Hack Incidents Linked to DeFi Platforms Continue to Rise
On July 6, Crypto2Community reported that Summer.fi, a decentralized finance yield platform, was the target of a security compromise, resulting in losses worth roughly $6 million. The attacker was able to move such funds by using a flash loan worth roughly $65.4 million to manipulate liquidity.
Elsewhere, Hinkal Protocol, another decentralized firm, was exploited for $820,000 after attackers initiated an automatic withdrawal pattern following unauthorized access to the platform.
Best Crypto Exchange
- Over 90 top cryptos to trade
- Regulated by top-tier entities
- User-friendly trading app
- 30+ million users
eToro is a multi-asset investment platform. The value of your investments may go up or down. Your capital is at risk. Don’t invest unless you’re prepared to lose all the money you invest. This is a high-risk investment, and you should not expect to be protected if something goes wrong.







