Real-world asset (RWA) re-staking protocol Zoth loses $8.4M to hackers
- Zoth has lost $8.4M in a hack due to a compromised deployer wallet.
- Admin privilege leak is being blamed for the attack.
- The attacker swapped stolen USD0++ to DAI and ETH, evading tracking.
Zoth, a real-world asset (RWA) re-staking protocol designed to bridge traditional finance with blockchain technology, has suffered an exploit that drained over $8.4 million in crypto assets.
The incident, flagged by blockchain security firm Cyvers just after midday, sent shockwaves through the ecosystem, prompting Zoth to halt operations and place its website into maintenance mode as the team scrambled to respond.
The breach unfolded with alarming speed and precision, exposing vulnerabilities in Zoths infrastructure.
According to Cyvers, the protocols deployer walletthe critical administrative backbone of the systemwas compromised. Roughly 30 minutes before the hack was detected, an attacker upgraded the USD0PPSubVaultUpgradeable proxy contract to a malicious version, deployed from a suspicious address.
ALERTOur system has detected a suspicious transaction involving @zothdotio. It appears that the protocol's deployer wallet has been compromised.
30 minutes ago, the proxy contract "USD0PPSubVaultUpgradeable" was upgraded to a contract created by a suspicious address.
The pic.twitter.com/3OHmvJYpR5Cyvers Alerts (@CyversAlerts) March 21, 2025
This swift manoeuvre allowed the hacker to bypass existing security measures, granting them instant control over user funds and enabling the withdrawal of $8.4 million worth of USD0++ tokens.
In the minutes following the theft, the attacker wasted no time covering their tracks. The stolen assets were rapidly converted into the DAI stablecoin and funnelled to a separate address, a move designed to obscure the funds origins.
Later, as reported by blockchain analytics firm PeckShield, the hacker swapped the assets into Ethereum (ETH), valued at approximately $1,967 per unit at the time, further complicating efforts to trace the loot.
#PeckShieldAlert @zothdotio hacker has swapped the stolen funds for 4,223 $ETH pic.twitter.com/OAlYk1TqJg
PeckShieldAlert (@PeckShieldAlert) March 21, 2025
This sophisticated sequence of transactions underscored the attackers familiarity with DeFi mechanics and their intent to evade recovery attempts.
Zoth has acknowledged the hack
Zoths team was quick to acknowledge the breach, issuing a security notice on X at 3:02 AM PDT on March 21. They confirmed the incident and assured users that they were investigating with urgency, collaborating with partners to mitigate the fallout.
The platform has vowed to release a comprehensive report once it completes its probe, a promise echoed in its commitment to transparency amid the chaos.
Security Notice
Our system has experienced a security breach. Were actively investigating the incident and taking all necessary steps to resolve it as swiftly as possible.
We are working closely with our partners to mitigate the impact and fully resolve the issue. A detailed
ZOTH (@zothdotio) March 21, 2025
For a protocol that had raised $4 million in August 2024 to tokenize secure assets like US Treasury Bills, the hack was a stark reminder of the risks lurking in even the most promising DeFi ventures.
The post Real-world asset (RWA) re-staking protocol Zoth loses $8.4M to hackers appeared first on CoinJournal.
Read more: https://coinjournal.net/news/real-world-asset-rwa-re-staking-protocol-zoth-loses-8-4m-to-hackers/
Text source: CoinJournal: Home
