DeFi

Ostium Halts Trading After Apparent Oracle Exploit, Security Firms Estimate Up to $22 Million Lost

Ostium paused all trading and urged users to revoke contract approvals after Blockaid and CertiK reported an apparent oracle exploit draining between $18 million and $22 million from its OLP vault.

⏱ 2 min read DeFi
Quick Summary
  • Blockaid estimated $18 million in losses; CertiK placed the figure at $22 million, both attributing the attack to an oracle system compromise
  • Ostium suspended all trading on Arbitrum and urged users to revoke contract approvals while its team investigates
  • The incident adds to a mounting 2026 DeFi hack toll, with April alone seeing nearly $630 million in losses according to DeFiLlama

Arbitrum-based perpetuals protocol Ostium suspended all trading on Wednesday and told users to revoke their contract approvals, after blockchain security firms Blockaid and CertiK flagged an apparent exploit targeting its OLP liquidity vault. Estimated losses range from $18 million to $22 million, though the protocol has not confirmed the figures.

What Happened

Blockaid estimated losses of roughly $18 million, while CertiK placed the figure closer to $22 million. Both firms pointed to a compromise of Ostium’s oracle system, the offchain component that feeds external price data into the protocol, as the apparent attack vector.

Ostium confirmed on X that it paused all trading after identifying an issue affecting the vault. The team subsequently issued a public warning, stating: ‘With user security being our first concern, we recommend that all users temporarily revoke approvals for our contracts until we can further investigate the recent incident.’

The protocol added that its team is actively investigating and has not yet confirmed the root cause of the incident or validated the loss estimates reported by the two security firms.

What Ostium Is

Built on Arbitrum, Ostium is an onchain perpetuals trading platform offering leveraged exposure across 75 trading pairs. Those pairs span stocks, ETFs, commodities, indices, foreign exchange, and cryptocurrencies.

DeFi Hacks: A Persistent Wave

The Ostium incident is the latest in a sustained run of high-profile attacks on decentralized finance protocols in 2026. According to DeFiLlama, crypto hacks generated nearly $630 million in losses during April alone, the highest monthly figure since February 2025. DeFi protocols absorbed the vast majority of that damage, with exploits at KelpDAO and Drift Protocol together accounting for more than 80 percent of April’s total.

Security researchers have noted a clear shift in attacker tactics: recent DeFi exploits increasingly target offchain infrastructure, including oracle systems, privileged access controls, and key management, rather than flaws in smart contract code itself.

Institutional Confidence Under Pressure

Repeated high-value attacks have sharpened concerns about DeFi’s readiness for institutional participation. A JPMorgan research note published in April flagged bridge security as a core challenge for the sector and raised questions about DeFi’s ability to scale for broader institutional use.

Industry executives have warned that shrinking DeFi yields are making the security risk harder to justify. Misha Putiatin, CEO of smart contract security firm Statemind and co-founder of Symbiotic, said in May that institutions increasingly struggle to quantify hack risk, leaving them less willing to accept the sector’s returns despite growing interest in blockchain-based finance.

⚖️ Our Verdict ⚖️ Watch and Wait

An eight-figure oracle exploit and a full trading halt is a serious incident, and it fits a pattern security researchers have been warning about: attackers going after offchain infrastructure rather than smart contract code. But the facts are not settled. Ostium has confirmed neither the cause nor the losses, and the two security firms' estimates differ by $4 million. The trend matters more than this single incident, and the trend is that DeFi's weak point has moved outside the code.