Blockaid Flags Suspected $18M Exploit Targeting Ostium

Binance
Coinmama


Blockaid linked Ostium’s suspected $18M exploit to manipulated oracle reports, prompting an active investigation.

Another major security incident has struck the decentralized finance sector, adding to a growing wave of high-value crypto exploits. Attackers continue finding new ways to manipulate smart contracts and drain protocol funds despite ongoing security improvements. Ostium has now joined the list of affected platforms after a suspected exploit drained approximately $18 million from one of its vaults. 

Blockaid Traces Attack to Oracle Report Manipulation

Blockchain security firm Blockaid has detected a suspected exploit targeting Ostium’s OLP vault on the Arbitrum network. This resulted in an estimated $18 million USDC loss. 

According to Blockaid, an attacker combined a registered PriceUpKeep forwarder with future-dated, authorized oracle reports to fabricate trading profits. That manipulation reportedly triggered an artificial payout of roughly $18 million USDC from the protocol’s vault.

okex

The firm stated that its monitoring system identified the suspicious transaction shortly after it was executed. On-chain records show the transfer was completed about one hour before the security alert was published. Transaction details indicate the exploit was successfully executed in block 484137113 with 410 Layer 1 confirmations. 

Reports also indicate the attacker relied on an “Execute Batch” function call during the exploit. Security researchers have increasingly associated that function with sophisticated smart contract attacks targeting decentralized finance protocols.

Ostium Pauses Trading After Suspected Exploit

Ostium quickly acknowledged the incident after Blockaid disclosed it. In an X post, the protocol confirmed it was aware of issues affecting the OLP vault and immediately paused all trading while the team investigates the cause.

According to the latest update, all trader funds and open positions remain preserved and frozen, while funds held in the trading storage contract have been paused. Ostium said it is working with relevant security experts to investigate the incident and will share additional updates as more information becomes available.

The protocol also warned users about impersonation attempts, cautioning that fake accounts may appear in reply threads claiming to represent Ostium. Users were advised not to click suspicious links while the investigation continues.

Recent Security Breaches Reflect Rising Risks Across DeFi

Growing attack numbers continue to raise concerns across the crypto industry. Earlier in June, attackers compromised Humanity Protocol in an incident that reportedly resulted in losses of between $32 million and $36 million.

According to reports, hackers first targeted a Humanity Foundation director through a phishing campaign. Remote access to the victim’s laptop allegedly provided access to wallet information and private keys. Attackers later transferred approximately 141.18 million H tokens.

Another major exploit occurred in May when Gravity Bridge lost approximately $5.4 million in digital assets. Blockchain security firm PeckShield reported that attackers stole roughly $4.3 million in USDC, 274 wrapped Ether valued at about $553,000, USDT worth approximately $434,000, and 14.164 PAX Gold tokens valued at nearly $64,000.



Source link

fiverr

Be the first to comment

Leave a Reply

Your email address will not be published.


*