Login
Sign Up
Woofun AI reports that decentralized trading protocol Ostium suspended all operations on Wednesday after security firms Blockaid and CertiK identified a critical exploit within its OLP liquidity vault. The disruption stems from a compromise of the oracle system on Arbitrum, which provides essential external price data to the platform. Ostium immediately halted trading and advised users to revoke contract approvals while an internal investigation into the cause and extent of the breach continues.
Financial estimates of the damage vary significantly between the reporting firms, with Blockaid calculating losses at approximately $18 million and CertiK placing the figure higher at $22 million. Ostium operates as an onchain perpetuals trading platform, offering leveraged exposure to 75 trading pairs that include stocks, ETFs, commodities, indices, foreign exchange, and cryptocurrencies. The protocol has not yet officially confirmed the specific cause of the incident or validated the loss figures provided by external security analysts.
This event contributes to a sharp escalation in decentralized finance hacks, with total losses reaching nearly $630 million in April, the highest monthly total since February 2025. Per Woofun AI, DeFi protocols bore the brunt of these attacks, with exploits at KelpDAO and Drift Protocol accounting for more than 80% of the month’s total losses. The concentration of high-value breaches indicates a persistent vulnerability in the sector’s core infrastructure despite ongoing security improvements.
Security researchers note a strategic shift in attack vectors, with adversaries increasingly targeting offchain infrastructure such as oracle systems, privileged access, and key management rather than relying solely on smart contract flaws. This evolution raises significant concerns regarding the readiness of DeFi for institutional adoption, as highlighted by JPMorgan analysts in an April research note. The firm emphasized that bridge security remains a critical challenge, questioning whether the sector can scale to support broader institutional participation without addressing these foundational risks.
Market sentiment is further strained by shrinking DeFi yields, which make security risks increasingly difficult to justify for conservative investors. Misha Putiatin, CEO of Statemind and co-founder of Symbiotic, stated in May that institutions struggle to quantify hack risk, reducing their willingness to accept sector returns despite growing interest in blockchain-based finance. This marks a critical juncture where security failures directly impede the capital inflow necessary for mainstream integration.