SlowMist
SlowMist|Jul 15, 2026 15:55
🚨SlowMist TI Alert🚨 💸 @Ostium Loss: ~11,862,445 USDC 🔍 Root Cause: An authorized oracle signer was used to submit malicious price reports through a registered forwarder. The attacker provided validly signed but manipulated oracle data, which was accepted by the oracle verification mechanism. By repeatedly opening and closing trades with artificially favorable prices, the attacker generated artificial profits and drained funds from the OstiumVault. 📌 Attacker Address: 0xd1794196f0fc99c7f27970e661597d77d9a85869 📌 Victim Address: 0x20d419a8e12c45f88fda7c5760bb6923cee27f98 (vault) 📌 Vulnerable Contract: 0x0aebc4094b60ea4e21e937e80dafdd58c07c5ebb (OstiumPrivatePriceUpKeep impl) & 0xd456939e54f68ef9b0be62abb2ec4a37397cb814 (OstiumVerifier) Impact: The attacker exploited compromised oracle privileges to submit manipulated price reports and execute repeated profitable trades, draining ~11.86M USDC from the vault. Powered by http://SlowMist.AI Tx: https://arbiscan.io/tx/0x359f8c05b86a4409d60cfba02084334313fd94b19f74a294fb7fc4ea7d4870e0(SlowMist)
+6
Mentioned
Share To

Timeline

HotFlash

APP

X

Telegram

Facebook

Reddit

CopyLink

Hot Reads