Ostium releases an update on the attack incident, price data was attacked, but traders' collateral and positions were not affected
Ostium released an update on the attack incident. Its liquidity provider fund was attacked on July 15, resulting in a loss of 23,752,746 USDC. Preliminary investigations indicate that the attacker compromised the off-chain infrastructure that provides price data to the protocol and submitted disguised illegal price reports, extracting artificially generated profits from the fund by quickly opening and closing multiple large positions.
Ostium stated that traders' collateral is stored in independently isolated smart contracts and was not affected by this incident, with all trading positions remaining open. The team paused trading and froze all trading contracts within 60 minutes after the first attack transaction occurred. Currently, Ostium is collaborating with Mandiant, zeroShadow, Collisionless, SEAL 911, and law enforcement agencies, coordinating with trading platforms, bridging contracts, and stablecoin issuers to advance the investigation. The engineering team is focused on repairing and strengthening the relevant infrastructure to support the secure resumption of trading.
Ostium indicated that it will notify at least 24 hours in advance before unfreezing the trading contracts. After trading resumes, existing positions will be marked at the price at the time of reopening, unaffected by price fluctuations during the pause. Addressing the affected liquidity providers and securely resuming trading remains the current top priority.






