Pavlo Kot

Ostium halts trading after suspected $22 million exploit

Ostium halts trading after suspected $22 million exploit
Ostium halts trading after suspected $22 million exploit

​Decentralized trading protocol Ostium has temporarily halted all operations after detecting an incident affecting its OLP liquidity pool. Cybersecurity analysts estimate that the attack may have resulted in losses ranging from $18 million to $22 million.

The project team said it is investigating the incident and has not yet confirmed either the cause of the exploit or the total amount of funds lost. Users have been advised to revoke smart contract approvals until the investigation is completed.

Developers said they are working to restore platform functionality and recover the affected funds. According to the team, law enforcement agencies, blockchain security initiative SEAL 911, and several cybersecurity researchers are already tracking the movement of the stolen assets.

Built on Arbitrum, Ostium offers leveraged perpetual trading across 75 assets, including stocks, ETFs, commodities, stock indices, foreign exchange pairs, and cryptocurrencies.

Oracle compromise may be behind the attack

According to blockchain security firms Blockaid and CertiK, the incident was likely caused by a compromise of the protocol's oracle infrastructure responsible for supplying external price data.

Blockaid estimated the losses at approximately $18 million, while CertiK placed the potential damage at around $22 million.

At the time of publication, Ostium had not disclosed any technical details of the attack and said the investigation remains ongoing.

DeFi exploits remain a major challenge

The Ostium incident is the latest example of a successful attack against a decentralized finance protocol in 2026.

According to DeFiLlama, cryptocurrency hacks resulted in nearly $630 million in losses in April alone, marking the highest monthly total since February 2025. Most of the damage came from attacks targeting DeFi protocols.

Security researchers note that attackers are increasingly targeting the infrastructure surrounding smart contracts rather than the contracts themselves, including oracles, privileged access management systems, and key storage mechanisms.

Earlier, analysts at JPMorgan identified infrastructure security as one of the primary obstacles to institutional adoption of DeFi.

During the second quarter of 2026, the cryptocurrency industry recorded a record number of successful hacks. Researchers documented 83 incidents resulting in approximately $755 million in stolen assets. Despite the record number of attacks, total losses remained well below the industry's all-time quarterly high of $3.56 billion, recorded in the fourth quarter of 2020.

Earlier, users of Polymarket lost approximately $2.9 million in a phishing attack. Following the incident, the platform said it would reimburse affected users and strengthen its security measures.

This material may contain third-party opinions, none of the data and information on this webpage constitutes investment advice according to our Disclaimer. While we adhere to strict Editorial Integrity, this post may contain references to products from our partners.
Weekly Top Bonuses
up to $2,500
deposit bonus for all clients
CLAIM BONUS
Your capital is at risk.