Zoth, a real-world asset (RWA) restaking layer, has been hacked for $8.4 million of staked USD0++ after somebody tampered with its proxy contract.
X person @0xtroll first noticed the exploit right now. Blockchain safety analyst Cyvers deduced that anyone utilizing a suspicious deal with was in a position to tweak Zoth’s “USD0PPSubVaultUpgradeable” contract.
The hacker then withdrew $8.45 million price of USD0++ earlier than swapping it for DAI and again into ether (ETH), the place 4,223 ETH (price $8.29 million) at present sits.
SlowMist Safety Alert
We have now detected that @zothdotio has been exploited, doubtless on account of a leakage of Admin privileges, ensuing within the logic contract being tampered with and changed by a malicious contract.
Btw, due to @0xtroll for the shout-out.
As at all times, keep… pic.twitter.com/nQfHPYT2OV
— SlowMist (@SlowMist_Team) March 21, 2025
Learn extra: ‘AI’ crypto buying and selling agent, aixbt, hacked for $100K
Crypto analysts SlowMist additionally steered that Zoth “admin privileges” had been probably leaked, resulting in somebody hacking Zoth by maliciously tampering with the logic contract.
Zoth was hacked earlier this month for $285,000 after attackers exploited a Uniswap V3 liquidity pool.
Zoth claims it’s investigating the incident whereas trying to resolve the difficulty and can launch an in depth report afterward. The agency permits RWAs to be transformed into collateralized debt positions and ZeUSD tokens which can be backed by the RWA.
Protos has reached out to Zoth for remark however at publication time has obtained no response. We’ll replace ought to we hear again.
Bought a tip? Ship us an e-mail securely by way of Protos Leaks. For extra knowledgeable information, observe us on X, Bluesky, and Google Information, or subscribe to our YouTube channel.