According to Ostium's statement on July 19, attackers compromised off-chain infrastructure providing price data to the protocol on July 15, submitting fraudulent reports to rapidly open and close large positions and extract artificial profits totaling 23,752,746 USDC from the liquidity provider pool.
Ostium confirmed that trader collateral is held in isolated smart contracts and remained unaffected. The team paused trading and froze all contracts within 60 minutes of the first attack transaction. The protocol is coordinating with Mandiant, zeroShadow, Collisionless, SEAL 911 and law enforcement on the investigation. Upon recovery, existing positions will be marked at the reopening price, unaffected by price movements during the suspension period.