Arbitrum RWA Trading Platform Ostium Hit After Suspected Admin Key Leak; Loss Estimated at $11.86M
AI Market Summary
Ostium, an RWA trading platform on Arbitrum, was exploited for an estimated $11.86M, likely via a leaked admin/authorized signer private key that enabled price manipulation through signed upkeep updates. Trading has been suspended while the team investigates. The incident highlights operational and key-management risks in DeFi perps/RWA venues and can weigh on Arbitrum ecosystem confidence and near-term onchain activity.
Impact level
● Medium
Affected assets
ARB/USDT+0.43%
AI Insight · ARB/USDTAI Insight
▼ Bearish
Trade now
⚠️ AI-generated insights are based on news content and are provided for informational purposes only. They do not constitute investment advice or represent the views of BingX. Investing involves risk. Please trade responsibly.
ChainThink said that on July 16, GoPlus monitoring flagged a security incident involving Ostium, an RWA trading platform on Arbitrum, after a suspected leak of an administrator account's private key. Estimated losses are about $11.86 million.
According to the report, the attacker opened a position via the openTrade function, manipulated prices using performUpkeep, then realized gains by calling closeTradeMarket. Because price submissions through performUpkeep require signature verification from an authorized account, the incident indicates the private key tied to that authorized signer may have been compromised.
After the attack occurred last night, Ostium halted all trading. The team said it is continuing its investigation.