DigitalMoneyBox Signal Desk
DigitalMoneyBox Crypto market intelligence
Browse sections
Security Protos

More oracle exploits as Ostium loses over $20M

Ostium, a decentralized perpetual futures exchange, has been hacked on the Arbitrum network via a suspected private key compromise of its oracle signer. A number of crypto security firms flagged suspicious outflows, with...

78 /100
Market signal

Watchlist

Published in the last two hours. Multiple named entities are involved.

More oracle exploits as Ostium loses over $20M

Ostium, a decentralized perpetual futures exchange, has been hacked on the Arbitrum network via a suspected private key compromise of its oracle signer.

A number of crypto security firms flagged suspicious outflows, with estimates loss estimates ranging from $18 to over $23 million.

Ostium’s official X account confirmed an “issue” with its OLP vault shortly thereafter.

We are aware of the issue with the OLP vault. We have paused all trading. The team is investigating.

— Ostium (@Ostium) July 15, 2026

Read more: Supra patched oracle on 11 other chains before $9M Hedera exploit

Ostium allows for trading perpetual futures of stocks, commodities, and forex, and held approximately $63 million of assets, pre-hack, according to DeFiLlama data.

Its OLP vault acts as the protocol’s settlement layer, into which users deposit USDC to open trades on the platform.

Decurity, highlighting an example transaction, explained that “the attacker fed self-signed favorable prices to open and immediately close trades at a profit, draining ~11.86M USDC from the OstiumVault.”

Net transfers during one of the attack transactions, in which the OLP vault sends a total of almost $12 million to the attacker.

Read more: Cap ‘stabledrop’ U-turn sees cUSD drop $23M, founder denies self dealing claims

DeFi dangers

The loss comes just four days after $9 million was lost from Bonzo Finance on the Hedera network, also due to an exposed price oracle.

Supra, the firm behind the vulnerable oracle had previously patched deployments on 11 other chains in the days leading up to the exploit.

Last week, Summer Finance was hacked, also via a price manipulation attack, losing $6 million. It’s announced today that it will not be able to recover from the incident and will be winding down.

After 7 amazing years building in DeFi, the recent exploit on the Lazy Summer Protocol has forced us into the very difficult decision to wind down https://t.co/ccpDrJSnsA and sunset the UI.

We want to thank all our users, the community and supporters – you made it worthwhile.

— Summer.fi (@summerfinance_) July 15, 2026

Read more: DeFi platform Summer Finance loses $6M in vault exploit

In the first half of 2026, the DeFi sector has seen over $900 million lost in 87 incidents, with over 80% of the losses caused by compromised private keys or bridge hacks.

Of these, two incidents make up the majority, Drift Protocol and LayerZero/KelpDAO. Following the latter, the contagion threat led Arbitrum’s Security Council to step in and freeze over $70 million of stolen funds. 

It remains to be seen whether Ostium’s loss warrants a similar reaction.

Got a tip? Send us an email securely via Protos Leaks. For more informed news and investigations, follow us on XBluesky, and Google News, or subscribe to our YouTube channel.

The post More oracle exploits as Ostium loses over $20M appeared first on Protos.

Why this matters

Hedera is showing up inside the Stablecoins theme, so this story is worth tracking for follow-through rather than treating it as a one-off headline.

Original source

Read on Protos

Related market context