Zoth Protocol Suffers $8.4 Million Hack

On March 21, hackers targeted the real-world asset restaking protocol (RWA) Zoth. According to Cyvers Alerts, the damage amounted to approximately $8.4 million in cryptocurrency. 

?ALERT?Our system has detected a suspicious transaction involving @zothdotio. It appears that the protocol’s deployer wallet has been compromised.

30 minutes ago, the proxy contract “USD0PPSubVaultUpgradeable” was upgraded to a contract created by a suspicious address.
The… pic.twitter.com/3OHmvJYpR5

— ? Cyvers Alerts ? (@CyversAlerts) March 21, 2025

Analysts noticed the suspicious transaction 30 minutes after it occurred. The company noted that the perpetrator withdrew funds in the stablecoin USD0++, almost immediately converted them to DAI, and transferred them to another address.

Preliminary analysis suggests the incident was due to a vulnerability in the protocol’s smart contracts. Cyvers Alerts representative Hakan Unal told Cointelegraph that the hack was likely caused by an administrator rights leak. 

“Unlike typical exploits, this method bypassed security mechanisms and instantly provided full control over user funds,” he explained. 

Zoth confirmed the attack but has yet to release details. At the time of writing, the RWA protocol’s website is under maintenance. 

Security Notice

Our system has experienced a security breach. We’re actively investigating the incident and taking all necessary steps to resolve it as swiftly as possible.

We are working closely with our partners to mitigate the impact and fully resolve the issue. A detailed…

— ZOTH (@zothdotio) March 21, 2025

Earlier in March, South Korea’s Wemix Foundation disclosed a major hack amounting to $6.2 million, which occurred at the end of February.