Real-world asset (RWA) re-staking protocol Zoth loses $8.4M to hackers

Real-world asset (RWA) re-staking protocol Zoth loses $8.4M to hackers
  • Zoth has lost $8.4M in a hack due to a compromised deployer wallet.
  • Admin privilege leak is being blamed for the attack.
  • The attacker swapped stolen USD0++ to DAI and ETH, evading tracking.

Zoth, a real-world asset (RWA) re-staking protocol designed to bridge traditional finance with blockchain technology, has suffered an exploit that drained over $8.4 million in crypto assets.

The incident, flagged by blockchain security firm Cyvers just after midday, sent shockwaves through the ecosystem, prompting Zoth to halt operations and place its website into maintenance mode as the team scrambled to respond.

The breach unfolded with alarming speed and precision, exposing vulnerabilities in Zoth’s infrastructure.

According to Cyvers, the protocol’s deployer wallet—the critical administrative backbone of the system—was compromised. Roughly 30 minutes before the hack was detected, an attacker upgraded the “USD0PPSubVaultUpgradeable” proxy contract to a malicious version, deployed from a suspicious address.

????ALERT????Our system has detected a suspicious transaction involving @zothdotio. It appears that the protocol’s deployer wallet has been compromised.

30 minutes ago, the proxy contract “USD0PPSubVaultUpgradeable” was upgraded to a contract created by a suspicious address.
The… pic.twitter.com/3OHmvJYpR5

— ???? Cyvers Alerts ???? (@CyversAlerts) March 21, 2025

This swift manoeuvre allowed the hacker to bypass existing security measures, granting them instant control over user funds and enabling the withdrawal of $8.4 million worth of USD0++ tokens.

In the minutes following the theft, the attacker wasted no time covering their tracks. The stolen assets were rapidly converted into the DAI stablecoin and funnelled to a separate address, a move designed to obscure the funds’ origins.

Later, as reported by blockchain analytics firm PeckShield, the hacker swapped the assets into Ethereum (ETH), valued at approximately $1,967 per unit at the time, further complicating efforts to trace the loot.

#PeckShieldAlert @zothdotio hacker has swapped the stolen funds for 4,223 $ETH pic.twitter.com/OAlYk1TqJg

— PeckShieldAlert (@PeckShieldAlert) March 21, 2025

This sophisticated sequence of transactions underscored the attacker’s familiarity with DeFi mechanics and their intent to evade recovery attempts.

Zoth has acknowledged the hack

Zoth’s team was quick to acknowledge the breach, issuing a security notice on X at 3:02 AM PDT on March 21. They confirmed the incident and assured users that they were investigating with urgency, collaborating with partners to mitigate the fallout.

The platform has vowed to release a comprehensive report once it completes its probe, a promise echoed in its commitment to transparency amid the chaos.

Security Notice

Our system has experienced a security breach. We’re actively investigating the incident and taking all necessary steps to resolve it as swiftly as possible.

We are working closely with our partners to mitigate the impact and fully resolve the issue. A detailed…

— ZOTH (@zothdotio) March 21, 2025

For a protocol that had raised $4 million in August 2024 to tokenize secure assets like US Treasury Bills, the hack was a stark reminder of the risks lurking in even the most promising DeFi ventures.


Share this article

Categories

Tags

Read More
Charles Thuo

Latest

385-Million-Year-Old Amber Found in China

Science & Nature Paleontologists in China have discovered what...

Permanent daylight savings is bad for Americans’ health—here’s what science says could be better

Science & Nature More sunlight in the evenings doesn’t...

Chiseled Egyptian princesses knew their way around weapons

Science & Nature Before they were mummies, four royal...

Common Mouth Bacteria May Trigger Dangerous Calcium Buildup in the Heart

Science & Nature A gum disease bacterium may contribute...

Newsletter

Don't miss

385-Million-Year-Old Amber Found in China

Science & Nature Paleontologists in China have discovered what...

Permanent daylight savings is bad for Americans’ health—here’s what science says could be better

Science & Nature More sunlight in the evenings doesn’t...

Chiseled Egyptian princesses knew their way around weapons

Science & Nature Before they were mummies, four royal...

Common Mouth Bacteria May Trigger Dangerous Calcium Buildup in the Heart

Science & Nature A gum disease bacterium may contribute...

Potential Atmosphere Detected on Habitable-Zone Exoplanet LHS 1140b

Science & Nature Using spectral data from the Magellan...

Grey Business processes $61 million as stablecoins dominate payments

Grey Business enables startups and SMEs to open US Dollar (USD) corporate accounts, send and receive international payments, convert currencies, and transact using stablecoins such as USDC and USDT...

Utah Marketers to Host Free Business Networking Event in Layton on June 24

The custom web design company is hosting free monthly networking events for Northern Utah business leaders, with the next event scheduled for June 24 from 4 to 6 p.m. Utah Marketers is hosting a free local business networking event on June 24 from 4 to 6 p.m. at the company’s Layton office. The event is

WellnessVibe Announces Business DNA Workshop in Delhi and Mumbai, where Ancient Sound Wisdom Meets Modern Business Strategy

WellnessVibe has officially announced the launch of its transformative Business DNA Workshop on 7th June 2026 in Delhi and 20th June 2026 in Mumbai. (1888PressRelease) June 03, 2026 - Delhi/Mumbai, India - WellnessVibe has officially announced the launch of its transformative Business DNA Workshop on 7th June 2026 in Delhi and 20th June 2026 in